1200 of Intercontinental Hotels Group's hotels suffered a hacker attack
Intercontinental Hotels Group, which manages hotel chains, including very famous ones such as Holiday Inn and Crown Plaza, admitted that it greatly underestimated the scale of the hacker attack aimed at it. Initially, Intercontinental Hotels' spokesperson said that systems of 12 hotels were infected with malware; now the number had to be increased 100 times. According to the latest data, 1200 hotels in the USA and Puerto Rico fell victims to the attack.
Malware stole data from POS terminals at the moment of transaction and later on transferred it to servers controlled by cybercriminals. Stolen information, which includes card numbers, expiry dates, CVV codes and cardholders' names, is enough to conduct transactions unauthorized by the card owners or to create clones of the cards. The attack lasted from the end of September till the end of December 2016 and could have affected a significant number of hotels' guests. The company states though that only guests who paid directly at the hotel were affected, not those who paid online.
At the moment, Intercontinental Hotels Group has only published the list of hotels affected by the attack and urged guests to pay attention to the state of their accounts. Experts believe that this measure is clearly insufficient. They remind that in such cases companies usually offer their clients a free package of services to protect their personal data from being stolen as well as accounts' monitoring. In case someone from Intercontinental Hotels' guests faces unauthorized withdrawals from the accounts, the company itself runs the risk of facing lawsuits.