The credit card breach that affected payment cards used at InterContinental
Hotels Group properties last year hit a much broader swath of the company's
franchise portfolio than the 12 revealed
back in February.
IHG issued a statement disclosing that cards used at IHG franchise
locations in North America and Puerto Rico between Sept. 29, 2016, and Dec. 29,
2016, may have been affected by malware installed on front-desk payment systems
at certain locations. IHG didn't disclose which properties the breach targeted,
but an online
database of hotels that might have been affected includes more than 1,100
locations under the Holiday Inn, Holiday Inn Express, Staybridge Suites,
Candlewood Suites, Crowne Plaza and Hotel Indigo brands.
The adoption of IHG's Secure Payment Solution, a
point-to-point-encryption payment-acceptance solution, halted the malware's
effectiveness at locations where it was installed last year, according to IHG.
The company said investigations revealed no indication that guest information
beyond cardholder name, card number, expiration date and internal verification
code were affected.