Holiday Inn parent company notes 1,174-hotel data breach

This Wednesday, June 10, 2015 photo shows a chip credit card in Philadelphia. Even as an October 1 deadline approaches to switch Americans over to credit cards embedded with chips, the vast majority still does not have the new cards and only some are using them as intended, a new Associated Press-GfK poll shows. (AP Photo/Matt Rourke)

ATLANTA (WPRI) – According to Holiday Inn’s parent company, Intercontinental Hotels Group (IHG), there’s a chance credit card data was stolen.

The company announced last Friday that more than 1,174 franchise hotels of various brands in the United States had data breaches. IHG has in its stable Holiday Inn, Holiday Inn Express, Crowne Plaza, Candlewood Suites, Staybridge Suites, and other hotel brands. Malware was downloaded onto front desk computers, and when a clerk swiped a card to charge it, the number and information was funneled through hackers.

Credit card networks told some of the hotels that were hit about patterns of unauthorized charges after the hotels charged cards legitimately, IHG said in a statement.

Local hotels that may be affected by the breach

Brand Hotel Address City State/Province Postal Code Date Start Date End
Hotel Indigo Albany Latham 254 Wolf Road Latham NY 12110 September 29, 2016 November 30, 2016
Holiday Inn Express Clifton Park 18 Clifton Park Village Road Clifton Park NY 12065 September 29, 2016 December 29, 2016
Holiday Inn Berkshires 40 Main Street North Adams MA 01247 September 29, 2016 October 25, 2016
Crowne Plaza Pittsfield-Berkshires One West Street Pittsfield MA 01201 September 29, 2016 December 29, 2016
Holiday Inn Express Great Barrington – Lenox Area 415 Stockbridge Road Great Barrington MA 01230 September 29, 2016 November 4, 2016

How information was released

Frequently, when companies announce a change or wide-reaching issue across scores of outlets, long lists will be released to journalists – spreadsheets, often – of every store or location affected. Calling the document up in a text editor, spreadsheet program, PDF reader or web page, it’s easy to use the “find” function to scan through a long document.

IHG has conjured up a system where you must select individual states and cities to see if your hotel was affected. Computerworld’s Darlene Storm called it “ridiculous,” and Gizmodo’s Libby Watson said the drop-down-menu-based system makes it “very hard to get a complete list or look up a large number of hotels if you travel a lot.”

Besides the Rhode Island and Massachusetts hotels, Storm’s list noted 45 hotels in New York and 64 in California and 163 in Texas.

The company has apologized for the breach and is advising customers to watch their bills and credit reports.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s