Kimpton Hotels investigates possible payment-card breach

Boutique hotel operator Kimpton, part of InterContinental Hotels Group, said Tuesday that it’s investigating reports of a possible credit-card breach at several properties.

“Kimpton Hotels & Restaurants takes the protection of payment card data very seriously. Kimpton was recently made aware of a report of unauthorized charges occurring on cards that were previously used legitimately at Kimpton properties,” the San Francisco-based company said in a statement.

Kimpton has hired a computer security firm to look into whether guest data has been compromised or if its internal systems have been hacked. While the investigation is ongoing, the hotel group has advised guests who have stayed at Kimpton properties recently to “ closely monitor their payment card account statements” and immediately notify their banks in the event of any unauthorized charges.

Earlier this week, computer security journalist Brian Krebs, who writes the  Krebs on Security blog, said he had contacted Kimpton on July 22 after three payments industry sources told him of a pattern of card abuse that suggested a breach at two dozen Kimpton hotels.

Kimpton operates 62 hotels across the U.S. with a total of 11,153 rooms available.

Assuming a breach is confirmed, the company would join a list of hotel brands that have acknowledged card breaches over the last year, including the Hard Rock Hotel & Casino in Las Vegas (twice), Trump Hotels (twice), Golden Nugget hotels, Mandarin Oriental, Omni Hotels, Rosen Hotels & Resorts and White Lodging.