Credit card data breach discovered at 1,175 hotels nationwide - WNEM TV 5

Credit card data breach discovered at 1,175 hotels nationwide

Posted: Updated:
A Holiday Inn sign is shown Monday, Nov. 10, 2008 in New York. (AP Photo/Mark Lennihan) A Holiday Inn sign is shown Monday, Nov. 10, 2008 in New York. (AP Photo/Mark Lennihan)

(MEREDITH) -- If you stayed at a hotel during the last few months of 2016, it might be smart to check your credit card transactions. A massive credit card data breach at 1,175 hotels has exposed the payment information of potentially thousands of customers of hotels like Holiday Inn, Holiday Inn Express, and Crowne Plaza.

Parent company InterContinental Hotels Group (IHG) launched an internal investigation into the data breach earlier this year and found that malware had accessed payment data of cards used at the front desks of certain hotels between Sept. 29, 2016, and Dec. 29, 2016. IHG has over 5,000 hotels, including Staybridge Suites, Candlewood Suites, Hotel Indigo and Holiday Inn Resort.

What data is at risk?

Basically, the malware mined the track data, information read from that magnetic strip on the back of your credit card. That includes:

  • Card number
  • Expiration date
  • Internal verification code (3-digit code on the back of your card)

IHG’s investigation didn’t find any evidence of data breaches after Dec. 29, 2016, but they didn’t get confirmation that the malware had been removed until February and March. The timespan of the breach could still widen as the investigation continues.  

What should you do?

Check your credit card statements for any suspicious activity, something you should do regularly anyway, just in case. If you see something you didn’t authorize, call your credit card company on that phone number on the back of your card. Usually, if you catch it within a few months you won’t be responsible for the charge.

If you have questions for IHG, you can give them a call at 855-330-6367.  

Which hotels were affected?

The investigation is still going, so this list could grow, but IHG has provided a not-so-user-friendly tool for you to use to determine which hotels have been affected. Here’s a list of how many hotels by state have been listed in the data breach:

  • Alaska 2
  • Alabama 27
  • Arkansas 23
  • Arizona 15
  • California 64
  • Colorado 20
  • Connecticut 10
  • Washington DC 2
  • Delaware 3
  • Florida 61
  • Georgia 38
  • Iowa 12
  • Idaho 4
  • Illinois 39
  • Indiana 53
  • Kansas 19
  • Kentucky 21
  • Louisiana 21
  • Massachusetts 17
  • Maryland 14
  • Maine 1
  • Michigan 42
  • Minnesota 22
  • Missouri 25
  • Mississippi 32
  • Montana 5
  • North Carolina 49
  • North Dakota 8
  • Nebraska 17
  • New Hampshire 3
  • New Jersey 19
  • New Mexico 14
  • Nevada 2
  • New York 45
  • Ohio 50
  • Oklahoma 23
  • Oregon 10
  • Pennsylvania 46
  • Rhode Island 1
  • South Carolina 19
  • South Dakota 7
  • Tennessee 30
  • Texas 163
  • Utah 10
  • Virginia 28
  • Vermont 2
  • Washington 10
  • Wisconsin 13
  • West Virginia 7
  • Wyoming 6

Read IHG’s data breach notice

Copyright 2017 (Meredith Corporation). All rights reserved.

Powered by Frankly
WNEM
Powered by WorldNow CNN
All content © 2017, WNEM; Saginaw, MI. (A Meredith Corporation Station) . All Rights Reserved.
For more information on this site, please read our Privacy Policy, and Terms of Service, and Ad Choices.