recommended reading

Threatwatch

InterContinental Hotel Group Finds Credit-Card Swiping Software—Again

Payment device infection

A hotel chain alerted customers to review payment card statements carefully after it found unauthorized charges on payment cards used at more than 1,000 of its locations.

The InterContinental Hotels Group announced it discovered malware designed to steal credit and debit card information operating at some locations from Sept. 29 to Dec. 29. The malware grabbed “track data,” the information read on a card’s magnetic stripe. The group hired an unnamed cybersecurity firm to eliminate the malware from its systems and had already been implementing a point-to-point encryption payment system.

Last year, the group’s Kimpton Hotel brand suffered a breach of its hotels and restaurant payments systems from February 2016 to July 2016, according to Krebs On Security. IHG operates about dozen other hotel brands including Holiday Day Inn, Crowne Plaza, Hotel Indigo and Staybridge Suites.

sector

Hospitality

reported

April 18, 2017

reported by

Krebs on Security

number affected

Unknown

location of breach

Unknown

perpetrators

Criminals

location of perpetrators

Unknown

date breach occurred

September 29, 2016

date breach detected

Unknown