Kimpton, the boutique hotel brand of the Intercontinental Hotels Group warned customers of a possible data breach as malware was detected in the servers that process card payments for the properties.
The hotel said that the malware was designed to track card number, card holder name, expiration date, and internal verification code from the payments that passed through the servers.
Investigators initiated a probe after a notice in July about "unauthorized charges occurring on payment cards after they had been used by guests at the restaurant in one of our hotels."
The breach covered transactions involving cards used between February 16 and July at some of its properties, Kimpton said.
A list of affected properties can be found on its website.
Management firm HEI Hotels and Resorts said that the data breach may have exposed payment card information from tens of thousands of food, drink, and other transactions at the affected hotels.
The Kimpton attack comes almost three weeks after another breach was reported at 20 US properties operated by HEI for InterContinental, Hyatt Hotels Corp, Starwood Hotels & Resorts Worldwide Inc and Marriott International Inc.