Malware cyber attack exposes Credit Card details of InterContinental Hotel guests


A malware attack on a chain of hotels owned by InterContinental has resulted in the leak of credit card details to hackers. The Global Hotels Chain has also accepted the fact that the stolen details were used by hackers to make unauthorized transactions. The brands affected were Holiday Inn, Holiday Inn Express, Hotel Indigo, Crowne Plaza, Candlewood Suites and Daybridge Suites.

As per the sources of Cybersecurity Insiders, some 1200 US based franchised properties related to InterContinental Hotel Group (IHG) based in Buckingham, UK were affected by the malware between September 29th and December 29th of last year.

The cyber crooks who launched the said malware attack managed to gain critical info from the server such as card holders name, the card number, its expiry date and internal verification code, along with the number which is behind the black magnetic strip of the payment card.

Intercontinental’s security team launched a probe in February this year and found that 12 of its 86 managed properties in America and one from Puerto Rico were affected by the malware.

IHG has urged its guests to check their bank statements for the said period. If they find any kind of suspicious activity the management has asked the victimized guests to visit the IHG website for more details on how to proceed.

Early this year, a hacking group from Russia hacked a Central Key Management server of an Austria-based luxury hotel and locked the hotel rooms in which some high profile guests were residing. The 4-Star SeeHotel Jaegerwirt hotel rooms remained locked until a Bitcoins ransom was paid to the cyber crooks.

Note- InterContinental Group (IHG) is a British Multinational hotels company which is headquartered in Denham, UK. It has over 5,288 hotels across 100 countries and over 28K workers working as employees for the hotel chain.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display