December 28, 2016

Hotel company investigating card breach

KrebsOnSecurity reports that InterContinental Hotels Group, a parent company for hotels including Holiday Inn, is investigating a possible card breach at several U.S. locations.

Krebs said it began getting tips about a possible breach last week, from sources who noticed a pattern of fraud in consumer credit and debit cards used at IHG properties, including Holiday Inn and Holiday Inn Express locations. IHG, after being contacted by Krebs, said it had hired an outside security firm to investigate.

IHG operates more than 5,000 hotels in almost 100 countries, and its brands also include InterContinental, Kimpton Hotels and Crowne Plaza.

Hotels have become a popular target for card breaches. In September, a Tennessee-based hotel admitted its point-of-sale systems had been compromised for more than three years by malware. Other affected hotels in recent years include Hilton, Trump Hotels, Starwood Hotels and Hyatt.

NAFCU continues to push for Congress to pass a strong national data security standard for retailers that would hold them to the same standards credit unions already follow under the Gramm-Leach-Bliley Act.