InterContinental Hotels’ hit by cyberattack

InterContinental Hotels’ hit by cyberattack | Insurance Business

InterContinental Hotels’ hit by cyberattack
Even hotels need some form of cyber security insurance, as the latest major breach proves.

World-renowned hotel chain InterContinental Hotels Group has announced that a third of its franchised properties in the US were attacked late last year by malware that can indiscriminately steal the credit card information of guests.

Learn more about data breach insurance here.

Holiday Inn, Holiday Inn Express, Hotel Indigo, Crowne Plaza, Candlewood Suites and Staybridge Suites were the brands most affected by the malware, the company revealed.

InterContinental spokesperson Neil Hirsch said on Wednesday that about 1,200 US-based properties and one hotel in Puerto Rico were hit with the malware between September 29 and December 29. Hirsch confirmed that the company had 3,633 franchised properties in the Americas by the end of 2016, and that only a “small percentage” of franchisees have not yet taken up the company’s offer to assess their systems for any signs of malware.

Want the latest insurance industry news first? Sign up for our completely free newsletter service now.

The company added that there is no evidence of unauthorized access to payment card data after December 29, 2016. InterContinental also admitted that the cyber security team under its employ was unable to detect the malware until this February and March.

The Globe and Mail reported that the malware searched for track data read from the magnetic strip of a payment card whenever one is used through an affected hotel server. Information that can be mined from the scanned strip includes the cardholder’s name, card number, expiration date, and internal verification code.

Related stories:
Casino attack: cyber threat increasing
Online forum operator VerticalScope hacked