More than 1100 IHG hotels in the US and Puerto Rico were hit by malware starting in late 2016 causing some credit card data to be compromised. The systems appear to have been compromised between 29 September and 29 December 2016, though the dates vary by hotel. The company released a statement about the incident last week describing the impact:
The malware searched for track data (which sometimes has cardholder name in addition to card number, expiration date, and internal verification code) read from the magnetic stripe of a payment card as it was being routed through the affected hotel server. There is no indication that other guest information was affected. A list of affected IHG franchise locations and respective time frames, which may vary by location, is available here.
IHG also published a list of affected hotels but I really dislike the interface they put on top of it with multiple dropdown boxes to filter the results. So I rebuilt the list into a simple Google Docs Spreadsheet to share.
Hopefully this is useful to some folks.
Never miss another post: Sign up for email alerts and get only the content you want direct to your inbox.