InterContinental Hotels Group has confirmed a data breach at 12 company-managed properties during the period from August through December 2016. Based on an investigation begun this past Dec. 28 in the wake of reports of unauthorized charges occurring on some customer payment cards, IHG is providing notification to guests who used their cards at restaurants and bars at the hotels in question; cards used at the front desk of these properties were not affected. An investigation of other properties in the Americas region is ongoing, according to the hotel company.
The 12 hotels affected include the Crowne Plaza San Jose-Silicon Valley; Holiday Inn San Francisco Fisherman's Wharf; InterContinental Los Angeles Century City; InterContinental Mark Hopkins (San Francisco); InterContinental San Francisco; InterContinental Buckhead Atlanta; InterContinental Chicago Magnificent Mile; InterContinental The Willard (Washington, D.C.); Holiday Inn Resort-Aruba; InterContinental Toronto Yorkville; InterContinental San Juan Resort & Casino (Puerto Rico); Holiday Inn Nashville Airport.
A list of the affected restaurants and bars, along with the specific time frames for each (times vary by location), can be found at www.ihg.com/protectingourguests. The site also contains more information on steps guests may take to protect their information.
According to a statement, "IHG has been working with the security firms to review IHG's security measures, confirm that this issue has been remediated, and evaluate ways to enhance IHG's security measures. IHG has notified law enforcement and is working with the payment-card networks so that the banks that issue payment cards can be made aware and initiate heightened monitoring on the affected cards."
IHG franchises, leases, manages or owns nearly 5,100 hotels and more than 750,000 guest rooms in almost 100 countries, with nearly 1,500 hotels in its development pipeline.