Novi Crowne Plaza Affected By Massive Credit Card Data Breach

NOVI, MI — InterContinental Hotels Group, a parent company of Holiday Inn, Crowne Plaza and Candlewood Suites and other hotels, has announced that more than 1,000 of its locations may have been subject to a breach of customer credit card information between Sept. 29 and Dec. 29, 2016. The breach was originally reported in February, but at that time the company said only about a dozen hotels were subject to the cyberattack.

The conglomerate discovered malware on its credit card processing systems tracked data from customers' transactions, including guests' names, credit card numbers, expiration dates and internal verification code. Customers who believe they may have been affected should check their credit card statements for unusual activity or fraudulent purchases.

In Michigan, 39 communities with IHG properties were affected. That list includes the Crowne Plaza in Novi at 2700 Karvich Drive. Other nearby properties are located in:

• Birmingham - Holiday Inn Express, 35270 Woodward Avenue
• Dearborn - Holiday Inn Express, 24041 Michigan Avenue and the Staybridge Suites at 24105 Michigan Avenue
• Plymouth Township - Holiday Inn Express, 15100 Beck Road
• Rochester Hills - Holiday Inn Express, 3544 Marketplace Circle
• Troy - Holiday Inn Express, 400 Stephenson Highway

IHG hired a cybersecurity firm to investigate the incident. While malware was not removed from the hotels' systems until the investigation in February and March of 2017, the group has found no evidence that any breaches occurred at Dec. 29. The group's hotels had begun moving to use Secure Payment Solutions, a program that encrypts customer credit card information, before the incident began.

If you've been a customer at one of the group's hotels during that time period and believe your credit card information might have been stolen, IHG has posted an easily searchable list of compromised hotels and the timeframes during which the information was vulnerable.

According to Krebs on Security, a cybersecurity blogger, the IHG's list of affected hotels include 1,175 locations out of 5,000 worldwide.

Companies across the globe, as well as governments, continue to struggle in the fight to keep data secure. In recent years, Yahoo suffered a massive breach of data for hundreds of millions of users. Home Depot and Target have both had credit card information stolen from millions of their customers. Even hospitals have been frequent targets of hackers looking for valuable personal information.

Cody Fenwick (Patch Staff) contributed to this report. Photo by Elliot Brown via Flickr Commons.