In December, several banks had identified hospitality giant InterContinental Hotels Group as the common link among customers with otherwise unrelated fraudulent credit card transactions. InterContinental is now confirming the breach and releasing information on which of its hotels’ restaurants and bars were affected.
InterContinental might not be a familiar name, but its brands include Holiday Inn, Crowne Plaza, Crowne Plaza, Staybridge Suites, Candlewood Suites, Hotel Indigo, Even Hotels, and Kimpton.
Like other recent hotel breaches, the hotel’s online and front desk payment systems weren’t affected, but the malware harvested card numbers from restaurants and bars that are part of the hotel or resort.
According to Krebs on Security, the site where we learned about this breach, malware installed on point of service terminals (a modern way of saying “cash registers”) steals customers’ credit card numbers without employees even knowing about it.
The company has notified customers who used their cards at the affected eateries between August 2016 and December 2016.
Provided by IHG, here’s the list of bars and restaurants that were compromised. The dates vary by property, and the list is not complete, since the investigation is ongoing.
|Restaurant Name(s)||Bar Name(s)||Hotel Address (Name)||Start Date||End Date|
|Sevens Bar & Grill||777 Bellew Drive, Milpitas, CA 95035 (Crowne Plaza San Jose-Silicon Valley)||8/1/2016||12/20/2016|
|Bristol Bar & Grille||1300 Columbus Avenue, San Francisco, CA 94133 (Holiday Inn San Francisco Fisherman’s Wharf)||8/1/2016||12/11/2016|
|Mari Los Angeles||Copper Lounge||2151 Avenue of the Stars, Los Angeles, CA 90067 (InterContinental Los Angeles Century City)||8/1/2016||12/20/2016|
|Knob Hill Club||Top of the Mark||999 California Street, San Francisco, California 94108 (InterContinental Mark Hopkins)||8/17/2016||12/15/2016|
|Luce||Bar 888||888 Howard Street, San Francisco, CA 94103 (InterContinental San Francisco)||8/18/2016||12/15/2016|
|Southern Art Restaurant||Bourbon Bar||3315 Peachtree Road NE, Atlanta, GA 30326 (InterContinental Buckhead Atlanta)||8/1/2016||11/9/2016|
|Michael Jordan’s Steak House & Bar; Center Court||Eno||505 N. Michigan Ave, Chicago, IL 60611 (InterContinental Chicago Magnificent Mile)||8/1/2016||12/15/2016|
|Cafe Du Parc||Round Robin||1401 Pennsylvania Avenue NW, Washington, DC 20004 (InterContinental The Willard)||8/1/2016||12/2/2016|
|Sea Breeze Restaurant & Bar; Oceanside Bar & Grill; Da Vinci Ristorante; Corals Restaurant; Pizza Now!||Palm Bar||J. E. Irausquin Boulevard #230, Palm Beach, Aruba (Holiday Inn Resort – Aruba)||8/1/2016||11/28/2016|
|Signatures Restaurant||Proof Vodka Bar; Sky Lounge||220 Bloor Street West, Toronto, ON M5S1T8, Canada (InterContinental Toronto Yorkville)||8/1/2016||11/28/2016|
|Trattoria Italiana; Caio Mediterranean; Akua; La Bodeguita||Q-Bar; Ottana Bar; SAK-I||5961 Isla Verde Ave, Carolina, PR 00979 (InterContinental San Juan Resort & Casino)||8/1/2016||11/28/2016|
|Restaurant at former Holiday Inn Nashville Airport||2200 Elm Hill Pike, Nashville, TN 37214 (Holiday Inn Nashville Airport)||8/1/2016||9/1/2016|
Whether you’ve visited any of these restaurants or bars or not, always remember that your card could be compromised anywhere, and your payment data most likely will be stolen. It’s just what happens when you use the modern financial system. Always check your statements for transactions that look unfamiliar, and report them promptly to your financial institution.