Data Breach

I came across a report late last year that Intercontinental Hotel Group (IHG) — the parent company of Holiday Inn — had a data breach.  There wasn’t a lot of details then, but new details are emerging.  Since I often stay at IHG properties, I had some concerns that my data may have been compromised.

There are some good and bad news.  The good news is that the data breach appears to have only affected bars and restaurants at 12 IHG managed properties.  The bad news?  The number of affected properties could rise, as investigations are still ongoing at other properties.

Key Highlights

  • The breach affected guests who used “payment card at restaurants and bars of 12 company managed properties” during the August-December 2016 timeframe.
  • IHG stated that “cards used at the front desk of these properties were not affected.”  If the breach involved the front desk, I’d expect the impact to be much higher since most guests use payment cards to pay for their stay.


The 12 Affected IHG Properties

  1. Crowne Plaza San Jose-Silicon Valley (California)
  2. Holiday Inn San Francisco Fisherman’s Wharf (California)
  3. InterContinental Los Angeles Century City (California)
  4. InterContinental Mark Hopkins (California)
  5. InterContinental San Francisco (California)
  6. InterContinental The Willard (DC)
  7. InterContinental Buckhead Atlanta (Georgia)
  8. InterContinental Chicago Magnificent Mile (Illinois)
  9. Holiday Inn Nashville Airport (Tennessee)
  10. Holiday Inn Resort – Aruba (Aruba)
  11. InterContinental Toronto Yorkville (Toronto, Ontario)
  12. InterContinental San Juan Resort & Casino (Puerto Rico)


What To Do Next?

If you are impacted by this data breach:

  • Consider canceling the credit card that was used at the hotel.
  • It may be worth it to subscribe to a credit monitoring service.
  • If you need more updates about this data breach, check out IHG dedicated webpage for more details on this incident.