It was reported late last week by KrebsonSecurity that many financial institutions were seeing fraudulent charges coming through to credit and debit cards that were used at at IHG affiliated hotels.
Many POS (point of sale) systems at various hotel brands have been infected with malware over the past few years where thieves have collected credit card information used to pay for services.
You can access the KrebsonSecurity article here of which below is an excerpt:
Last week, KrebsOnSecurity began hearing from sources who work in fraud prevention at different financial institutions. Those sources said they were seeing a pattern of fraud on customer credit and debit cards that suggested a breach at some IHG properties — particularly Holiday Inn and Holiday Inn Express locations.
Asked about the fraud patterns reported by my sources, a spokesperson for IHG said the company had received similar reports, and that it has hired an outside security firm to help investigate.
Usually these breaches have happened at terminals that are used to pay for services rendered at various hotel outlets such as restaurants and gift shops. Somehow malware found its way to these terminals (basically PC computers) that then captured the card swipe data and sent it to thieves.
It is always bad idea to pay using debit cards at hotels because thieves can temporarily drain your account until your bank gives you a credit after notifying them about fraudulent charges.
We’ll see if IHG is going to inform affected members that their card data may have been breached.