Credit card stealing malware: 1200 InterContinental hotels breached

A few months earlier, it was reported that a number of InterContinental hotels have been targeted by a credit card stealing malware and now the IHG has confirmed that the reports were actually true.

The attack is believed to have started in late September and since then, hackers have targeted at least 1200 InterContinental Hotels, according to TheVerge.

RelatedHackers Infect Hotel Door Lock System with Ransomware

According to KrebsonSecurity (the journalist investigating this matter), the culprits installed the malware in the point-of-sale software via remote hacking tools, allowing them to steal credit card information of customers every time a credit card is swiped.

The number of affected users hasn’t been determined yet, but it’s safe to say that the number is quite big because over 1200 hotels were compromised.

The information stolen by the hackers includes names of the credit card holders, expiration dates, and internal verification code of every credit card swiped at the affected hotels; IHG group wrote on their website.

Although the stolen information hasn’t been misused yet, hackers can easily use it to purchase anything or perhaps sell the information on DarkWeb.

Official Response:

IHG has posted on its blog that On behalf of franchisees, IHG has been working closely with the payment card networks as well as with the cyber security firm to confirm that the malware has been eradicated and evaluate ways for franchisees to improve safety measures.  Law enforcement also has been notified. 

Furthermore, IHG has published a list of affected hotels to let customers know whether they stayed in a compromised hotel or a safe one, and the list will continually be updated with the ongoing investigation.

While the IHG officials are working closely with KrebsonSecurity, they have advised their customers to look out for any suspicious activity in their bank statements and immediately report any suspicious activity to the bank officials. 

Related: Donald Trump Hotels Breached Again, Credit Card Data Compromised

Well, thank you for informing this IHG, but we are aware of the procedures here, and instead of advising customers to look out for any unauthorized access, you should have made necessary safeguard to prevent such kind of incident from happening.


DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.

Related Posts