Potential InterContinental Hotels Data Breach Puts Customer Credit Card Data at Risk

It's a new year, and with a new year comes new cases of data breaches, such as the one that has allegedly taken place within InterContinental Hotels systems. Reports initiating from KrebsOnSecurity reportedly claim that the InterContinental Hotels Group (IHG) is aware of a potential security breach in their system that may have spilled the credit card details of an unknown number of customers.

Currently, an investigation has been launched to find out if a potential data breach that took place on IHG systems has compromised customer credit card data. Among the locations targeted, Holiday Inn and Holiday Express hotels, part of the IHG chain of hotels, are two of the possible locations that had Point-of-Sale (POS) malware installed on their systems, which is known to allow hackers to infiltrate a system and steal credit card data.

While the investigation takes place into the potential IHG data breach, customers of the massive hotel chain, which includes many other hotel brands, are recommending that customers monitor their credit card activity. Additionally, IHG is asking that any unauthorized payments on their accounts be reported.

Hotel chains as long been massive targets for data breaches, which have specifically gone after customer credit card data and seldom customer information that enables hackers to launch spam campaigns and spread malware. While hotel chains often have several security measures in place to thwart data breach attacks, the well-known method of using a POS malware attack continues to be highly successful in breaching data on a hotel chain's system or server.

Last year, during the beginning of 2016, InterContinental Hotels Group suffered a breach similar to what is suspected to have taken place last week with a familiar attack on a POS device used by Kimpton Hotels, another branch of the parent IHG company.

What happens in many of the Hotel data breaches is a Point-of-Sale system is infected with specialized malware that may be used to steal credit card information. The theft of such data takes place when authorizations are made in an affected Hotel branch gathering data such as the name of the credit card customer, their security code, and credit card numbers. Armed with enough information, hackers can utilize POS data to compromised accounts and make unauthorized charges that could end up costing customers and banking institutions thousands of dollars in the end.

As always, those who may suspect being a victim of a potential IHG data breach should closely monitor their accounts for any suspicious activity. Moreover, it's imperative to promptly report unauthorized activity to better help authorities track down the perpetrators in the potential data breach incident, in addition to stopping fraudulent charges on your account.

As an answer to the potential data breach, IHG has released the following statement:

"IHG takes the protection of payment card data very seriously. We were made aware of a report of unauthorized charges occurring on some payment cards that were recently used at a small number of U.S.-based hotel locations. We immediately launched an investigation, which includes retaining a leading computer security firm to provide us with additional support. We continue to work with the payment card networks."