Have you stayed at a Holiday Inn or Candlewood Suites property recently?

This past February InterContinental Hotels Group (IHG) confirmed that a credit card breach had impacted at least a dozen properties.

Turns out that number was way off. IHG has now released data showing that cash registers at about 1,200 of its properties were compromised with malicious software.

The hotel conglomerate owns over 5,100 properties across several brands, including Holiday Inn, Holiday Inn Express, Crowne Plaza, Kimpton Hotels, Hotel Indigo, EVEN Hotels, and Candlewood Suites.


“The investigation identified signs of the operation of malware designed to access payment card data from cards used onsite at front desks at certain IHG-branded franchise hotel locations between September 29, 2016 and December 29, 2016,” IHG said in a statement.

The malware was able to collect data aquired by point of sale registers which can include the cardholder name, card number, expiration date, and internal verification code read from the magnetic stripe of a payment card.

IHG published a state-by-state search tool but has confirmed exactly how many total properties were affected.

However, one Twitter user counted 1,175 properties in the searchable database.

The IHG-branded franchise hotel locations that had installed IHG’s Secure Payment Solution (SPS) prior to the breach were reportedly not affected.

The company has been working closely with the payment card networks and the cyber security firm to confirm that all malware has been eradicated.

IHG advises its customers to remain vigilant of any incidents of fraud or identity theft by reviewing bank account statements and that concerned customers request a free credit report to catch any unusual acitivity.