Credit card theft is slowly becoming the norm rather than an exception. Millions of credit card details have been stolen by hackers over the years and it appears the problems are far from over. Intercontinental Hotels Group notified the world about a payment card system breached affecting 12 of its hotels. Although the group owns over 5,000 hotels around the world, the malware attack was limited to just these twelve locations.
Another Troublesome Credit Card Theft Story
It is not as if the world needed yet another story about credit card details being stolen. Unfortunately for travelers who stayed at one of the InterContinental Hotels Group’s locations in North America or the Caribbean, they may have fallen victim to a malware-based payment system attack. A total of twelve hotels was attacked with this malware, which nestled itself on the servers used to process credit card payments.
To make matters worse, this malware has been residing on these payment processing servers between August and December 2016. So far, the InterContinental Hotels Group did not mention how many payments were affected in the process. The group did provide a full list of affected companies, however, which should give most people an idea of whether or not they need to keep an eye on their monthly card statement.
As is usually the case with these incidents, the problem was discovered after several clients filed a complaint about unauthorized credit card charges. At that time, it became clear only a few locations were affected. Interestingly enough, the malware only snooped on transactions related to bars and restaurants at the IHG’s managed properties. Front desk payments are not affected by this malware, according to the group.
This particular malware seeks out magnetic stripe track data from every payment card. In this stripe, all of the sensitive payment information is gathered, including the verification code, full card number, and the internal verification code. This seems to indicate even EMV-capable cards have been affected in the process, which does not bode well for the future of credit card payment security in general.
It is evident the world of credit card payments remains a primary target for criminals all over the world.This type of sensitive payment information can be used to commit fraud both in an online and offline manner. Malware is the primary attack vector for point-of-sale oriented payment attacks and it looks like 2017 will see more of the same incidents take place.
Header image courtesy of Shutterstock