ATLANTA — InterContinental Hotels Group has hired a cyber security firm on behalf of franchisees to coordinate an examination of the payment card processing systems at several hotels in the Americas after IHG-branded hotel locations run as independently owned and operated franchises were made aware by payment card networks of patterns of unauthorized charges.

IHG says the investigation identified signs of the operation of malware designed to access payment card data from cards used onsite at the front desk at certain IHG-branded franchise hotel locations Sept. 29 – Dec. 29, 2016.

“Although there is no evidence of unauthorized access to payment card data after Dec. 29, 2016, confirmation that the malware was eradicated did not occur until the properties were investigated in February and March 2017,” said IHG.

Before this incident began, many IHG-branded franchise hotel locations had implemented IHG’s Secure Payment Solution (SPS), a point-to-point encryption payment acceptance solution.  Properties that had implemented SPS before Sept. 29, 2016 were not affected.

IHG says more properties implemented SPS after Sept. 29, 2016, and the implementation of SPS ended the ability of the malware to find payment card data, meaning cards used at these locations after SPS implementation were not affected.

The malware searched for track data (which sometimes has cardholder name in addition to card number, expiration date, and internal verification code) read from the magnetic stripe of a payment card as it was being routed through the affected hotel server. IHG says there is no indication that other guest information was affected.

A list of affected franchise locations and respective time frames is at ihg.com/protectingourguests.