credit card breach Blog Terms - Attivo Networks

credit card breach

Credit card data breach discovered at 1,175 hotels nationwide

(MEREDITH) — If you stayed at a hotel during the last few months of 2016, it might be smart to check your credit card transactions. A massive credit card data breach at 1,175 hotels has exposed the payment information of potentially thousands of customers of hotels like Holiday Inn, Holiday Inn Express, and Crowne Plaza.

Parent company InterContinental Hotels Group (IHG) launched an internal investigation into the data breach earlier this year and found that malware had accessed payment data of cards used at the front desks of certain hotels between Sept. 29, 2016, and Dec. 29, 2016. IHG has over 5,000 hotels, including Staybridge Suites, Candlewood Suites, Hotel Indigo and Holiday Inn Resort.

The Hidden Threats Within Our Nation’s POS Systems

There are escalating security vulnerabilities at work in the nation’s point-of-sale (POS) systems. This situation can be quite series and one that deserves immediate attention and accompanying remediation.

In the last ten years there have been over 1,350 breaches made public within retail and business organizations. In 2016 alone, high profile breaches from Wendy’s, Eddie Bauer, Vera Wang, and Omni Hotels have shaken these companies and left impacted customers angry and frustrated.

Tech Company Sets Traps For Cyber Attackers Of Point Of Sale Systems

Undetected Vulnerabilities Lay in Wait and Could Lead to Large Holiday Breaches According to Research Report. Attivo issued a report today detailing severe vulnerabilities in the nation’s POS systems that could lead to large breaches during the Holiday shopping period and on into next year. The report, based on primary research, shows how attackers are moving laterally undetected through networks, compromising asset management servers and then using them to plant malware on POS terminals for either timed or remote activation, creating the foundation for wide-scale credit card information theft. Traditional security devices have proven to be ineffective in detecting an attacker’s lateral movement, in providing malware activation visibility between asset servers and POS terminals, and in accurately correlating attack forensic data according to the report.

Scroll to Top