InterContinental Hotels Investigates Credit Card Data Breach

InterContinental Hotels Investigates Credit Card Data Breach

December 29, 2016         Written By John H. Oldshue

Holiday Inn parent company InterContinental Hotels Group (IHG), which runs more than 5,000 hotels worldwide, is investigating a possible credit card breach at some U.S. locations.

KrebsOnSecurity received reports last week from sources who work in fraud prevention at a number of financial institutions. The sources told Krebs they were seeing fraud patterns on debit and credit cards that suggested a breach at IHG properties, particularly Holiday Inn and Holiday Inn Express hotels.

Featured Fair Credit Card
Top Features :All credit types welcome to apply!

A spokesperson for IHG told Krebs the company had already received similar reports and had hired an outside security firm to assist in the investigation. The company stated, “IHG takes the protection of payment card data very seriously. We were made aware of a report of unauthorized charges occurring on some payment cards that were recently used at a small number of U.S.-based hotel locations. We immediately launched an investigation, which includes retaining a leading computer security firm to provide us with additional support.  We continue to work with the payment card networks.”

The company also said they will work to quickly resolve the breach, but they advise customers to monitor their credit card statements for fraudulent transactions. “We are committed to swiftly resolving this matter. In the meantime, and in line with best practice, we recommend that individuals closely monitor their payment card account statements.  If there are unauthorized charges, individuals should immediately notify their bank. Payment card network rules generally state that cardholders are not responsible for such charges.”

This is not the first breach IHG has suffered this year. Kimpton Hotels suffered a similar attack. Hackers were able to compromise the payment card system by installing malware on the payment terminals of over 60 hotels and restaurants. Once the malware is installed, criminals have access to the credit card information of anyone who pays at the terminal. Card information includes the cardholder name, card number, expiration date and CVV code.

The information contained within this article was accurate as of December 29, 2016. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About John H. Oldshue

John Oldshue is the creator of He worked for over 15 years in television and won an Emmy award for his reporting. He covers credit card rate issues for
View all posts by John H. Oldshue