Even some of the biggest hotels in the USA need some form of cyber security insurance, as the latest major breach proves.
World-renowned hotel chain InterContinental Hotels Group has announced that a third of its franchised properties in the US were attacked late last year by malware that can indiscriminately steal the credit card information of guests.
Holiday Inn, Holiday Inn Express, Hotel Indigo, Crowne Plaza, Candlewood Suites and Staybridge Suites were the brands most affected by the malware, the company revealed.
Learn how to grow revenue, reduce costs and improve your customers’ experience. If you’re not currently using e-signature, download this free whitepaper to learn how it can change your business.
InterContinental spokesperson Neil Hirsch said on Wednesday that about 1,200 US-based properties and one hotel in Puerto Rico were hit with the malware between September 29 and December 29. Hirsch confirmed that the company had 3,633 franchised properties in the Americas by the end of 2016, and that only a “small percentage” of franchisees have not yet taken up the company’s offer to assess their systems for any signs of malware.
The company added that there is no evidence of unauthorized access to payment card data after December 29, 2016. InterContinental also admitted that the cyber security team under its employ was unable to detect the malware until this February and March.
The Globe and Mail reported that the malware searched for track data read from the magnetic strip of a payment card whenever one is used through an affected hotel server. Information that can be mined from the scanned strip includes the cardholder’s name, card number, expiration date, and internal verification code.
Related stories:
Keeping up with cyber criminals
The insurance lessons to learn from McDonald’s, President Trump and that Tweet