InterContinental Hotels Group (IHG) is warning guests that hackers may have accessed their payment card information at locations across the country, including 10 in Connecticut.
IHG said it received several reports from credit card companies of unauthorized charges appearing on accounts used at IHG locations. When IHG investigated, it discovered malware used to steal payment card information from cards used at front desks at certain franchise hotel locations. The theft took place between September 29, 2016 and December 29, 2016.
IHG has 12 brands including Holiday Inn, Holiday Inn Express, Candlewood Suites, Crowne Plaza, Even, Hotel Indigo, HUALUXE Hotels and Resorts, InterContinental, Kimpton Hotels and Resorts, and Staybridge Suites.
There were 10 Connecticut locations affected by the breach – the Holiday Inn locations in East Hartford, New London, and Norwich, and the Holiday Inn Express locations in Branford, Meriden, Milford, Mystic, Newington, Southington, and Vernon.
IHG said it believes the malware accessed only payment data and that other guest information was not affected. IHG is working with the payment card networks and a cyber-security firm to ensure the malware was properly removed, and to evaluate and enhance security measures. The company has also informed law enforcement.
Anyone who stayed at an affected location is encouraged to review statements for any unauthorized activity and report it immediately to your bank or credit card company. For a full list of affected locations across the country, click here.
United States residents who want more information can contact IHG at 855-330-6367 from 8:00 a.m. to 8:00 p.m. ET, Monday to Friday. Anyone from outside the United States can call 800-290-9989 from 8:00 a.m. to 8:00 p.m. ET, Monday to Friday.