More than a thousand IHG affiliated hotels mainly in the United States and Canada were affected by malware back in 2016 that resulted in credit card numbers, expiration dates, verification numbers, and names being handed to hackers.
Now, IHG has reached a settlement that potentially covers some of out of pocket expenses incurred. You, however, need to take action by early September or won’t get anything and forgo your rights.
You can access the class action settlement website here.
Here’s information from the settlement administrator:
A Settlement has been reached in a class action lawsuit involving malware intrusions that affected certain Inter-Continental Hotels Corporation and InterContinental Hotels Group Resources, Inc. (“IHG”)-branded hotel, restaurant and bar locations at varying times between August 1, 2016 through December 29, 2016 (the “Data Security Incidents”).
The affected hotel brands include InterContinential, Holiday Inn, Holiday Inn Express & Suites, Candlewood Suites, Crowne Plaza, Staybridge Suites, and Hotel Indigo. The specific hotel locations and time frames during which the IHG-branded hotel, restaurant, and bar locations were affected by the Data Security Incidents are available in the “Property List” in the ‘Documents’ section of this website.
The Settlement includes all persons who reside in the United States and used a payment card at the front desk of an affected hotel location or to make or attempt to make a purchase at an affected restaurant or bar location (identified in the ‘Documents’ section of this website) during the period in which that hotel, restaurant, or bar was affected by the Data Security Incidents.
The Settlement provides for payments to people who submit valid claims for documented out-of-pocket expenses of up to $250 that either of the Data Security Incidents was a contributing factor to the expense being incurred, and for reimbursement of documented fraudulent and unauthorized losses of up to $3,500 that were more likely than not caused by the Data Security Incidents. The total payments to the class are capped at $1,550,000.
Information about the process:
The settlement amount with the lawyer fees is roughly $2M for the IHG to pay that is highly inadequate considering the spread of this event that affected quite a few hotel chains.
Hackers had been able to somehow install malware to the system used by these hotels and got the swipe information.
Other hotel chains had similar issues with the swipe information diverted. Let’s see what will come out of those cases.