InterContinental Hotels Breach Discovered to Be Bigger Than Initially Thought

Media Division | April 19, 2017

InterContinental Hotels Group (IHG) is the parent company of several different hotel chains, including Holiday Inn, Kimpton Hotels and Resorts, Candlewood Suites, and Crowne Plaza.  In February, IHG had stated they had suffered a cyber attack and consequential data breach in the latter part of last year, which at the time was only thought to have affected about 12 properties.  But upon further investigation, the breach was found to have a much wider impact across various chains.

The Extent of the Breach

After the initial discovery of the breach in December of last year, they had called in cyber security experts to review and investigate the incident.  They had found that malware had infected the payment processing servers and had been collecting card information, including card number, cardholder name, and internal verification codes. Attackers can then use this information to clone cards and make fraudulent purchases.  After this was discovered, IHG had notified affected customers, and it appeared the incident was resolved for the most part.  But, according to a statement from IHG, the malware was crafted to collect card information from cards used at front desks and it had operated for several months.  Consequently, it is now believed that around 1,200 franchise locations are included in the breach as well.

Provision of Security Solutions

According to their statement, IHG locations had begun to implement IHG’s Secure Payment Solution (SPS) prior to the breach, which is “a point-to-point encryption payment acceptance solution.”  Those who had done this prior to September 29, 2016, were apparently not affected by the breach.  It had also apparently thwarted the malware’s ability to find payment card data when installed after that date, and so cards used at locations after the implementation of SPS were not affected.  IHG has been providing free forensic assistance to franchised locations and is encouraging them to implement SPS to encrypt payment information.

The hospitality industry tends to be a frequent target for cyber attackers.  With the wide range of customer data and card information that cycles through these organizations, they become a treasure trove of illicit gains for the attackers.  There have already been several other instances of cyber attacks on hospitality organizations over the past year, including Hyatt Hotels, Hutton Hotel, and Noble House Hotels and Resorts.  There was also an incident at a hotel in Austria in which ransomware had blocked their ability to create new key cards for guests, and this was actually the fourth time that hotel had been hit by a cyber attack.

The Importance of Rapid Data Breach Solutions

With the high incidence of cyber attacks and data breaches in our modern times, it is important that organizations are able to defend themselves, as well as have a rapid response in the event of a successful breach.  Breaches can be extremely detrimental to organizations, as they can steal sensitive information, and destroy reputation and customer trust.  An organization must be able to respond to a breach quickly and appropriately, or it could be their downfall.  They must be able to display to their customers or clients that they are putting proper attention on the breach and that it will be fully addressed.  The rapid application of data breach solutions is what will allow an organization to recover and eventually thrive after a breach.  Data breach solutions from Massive Alliance can help an organization to mitigate and remediate after a cyber attack.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.