Two Holiday Inn hotels along the Grand Strand were affected by a data breach last fall, according to an online release at InterContinental Hotels Group, which states many locations nationwide were impacted.
IHG, Holiday Inn’s parent company, released information about the incident April 14, alerting customers that some IHG-branded franchise locations had data breaches from Sept. 29 to Dec. 29, the release states.
The two Horry County locations that were affected were the Holiday Inn Express at 722 U.S. 17 in Little River and the Holiday Inn Oceanfront at 1601 N. Ocean Blvd. in Surfside Beach, according the company’s website.
Some hotels were told that unauthorized payments were being put on customer payment cards after they were legitimately swiped at hotels. The company hired a cyber security firm to investigate payment card processing systems and found signs of malware designed to access payment card data from cards used between Sept. 29 to Dec. 29, the release says. The company said they’ve notified police about the breach.
The company said there are no signs of unauthorized access after December, and that confirmation of the malware eradicating didn’t occur until locations were investigated the past two months.
“Before this incident began, many IHG-branded franchise hotel locations had implemented IHG’s Secure Payment Solution (SPS), a point-to-point encryption payment acceptance solution. Properties that had implemented SPS before September 29, 2016 were not affected. Many more properties implemented SPS after September 29, 2016, and the implementation of SPS ended the ability of the malware to find payment card data and, therefore, cards used at these locations after SPS implementation were not affected,” the release states.
Officials said there are no signs that any other guest information was compromised.
“We regret any inconvenience this may have caused. If you have questions, and reside in the United States, please call 855-330-6367 from 8:00 a.m. to 8:00 p.m. Eastern Time, Monday to Friday. If you reside outside the United States, please call 800-290-9989 from 8:00 a.m. to 8:00 p.m. Eastern Time, Monday to Friday,” officials said in the release.
Dennis Law, the general manager of the Surfside location, said the company is handling the breach.
“It will affect [business] as it does,” Law said. “It’s being professionally handled by the brand at all our properties. We’re being compliant with the investigation.”
Joy Dowd, the manager of the Little River location, said she’d heard about a month ago that the company was investigating something, but she hadn’t heard the results until this morning when a guest asked her about the breach.
“Of course we are [concerned about business],” Dowd said. “I know that as far as [chain owner] IHG … they’ll be on top of this and try to do everything they can to keep anything like this from happening again.”
Staff writer Chloe Johnson contributed to this report.