IHG investigates possible payment card breach at several U.S. hotels

Khairallah joined Marcus Hotels & Resorts in 2013 as COO, and in 2014 he assumed day-to-day oversight for the company's hotel division.

The InterContinental Hotels Group, parent company to a number of hotel chains, including Holiday Inn and Holiday Inn Express,  is investigating a possible breach of customers’ payment card data.

In addition to the Holiday Inn brands, InterContinental owns a number of chains: Crowne Plaza, Staybridge Suites, Candlewood Suites, Hotel Indigo, Even Hotels and Kimpton. Sources in the financial industry have told information security reporter Brian Krebs that they’re seeing fraudulent transactions on cards that were used at InterContinental properties, especially Holiday Inn. 

The British hotel chain hired a computer security firm to investigate patterns of possible credit and debit card fraud as it continues to work with payment card networks for additional support, an InterContinental spokesperson said.

FREE DAILY NEWSLETTER

Like this story? Subscribe to Operations & Technology!

Hospitality professionals turn to Operations & Technology as their go-to source for breaking news on guestrooms, food & beverage, hospitality and technology trends, management and more. Sign up today to get news and updates delivered to your inbox daily and read on the go.

“IHG takes the protection of payment card data very seriously. We were made aware of a report of unauthorized charges occurring on some payment cards that were recently used at a small number of U.S.-based hotel locations,” the company said in a statement to the Daily News

“We are committed to swiftly resolving this matter. In the meantime, and in line with best practice, we recommend that individuals closely monitor their payment card account statements. If there are unauthorized charges, individuals should immediately notify their bank. Payment card network rules generally state that cardholders are not responsible for such charges.”

The company did not name the security firm but suggested that if customers find unauthorized charges, individuals should immediately inform their bank. Thieves would plant malicious software onto point-of-sale devices at restaurants and bars inside the hotels, capturing customers’ card data with each swipe, the KrebsOnSecurity blog reported.

Suggested Articles

As well as acquiring a stake in the company, The Silverstone Cos. has also gained exclusive rights to development in Asia.

The real estate investment trust plans sell the InterContinental Buckhead Atlanta and Sofitel Washington DC Lafayette Square.

If the Barclay brothers sell the Ritz Hotel for the rumoured £800m to a consortium of Saudi Arabian families it will have increased in value 150 times