Customers of the InterContinental Hotels Group were subject to a credit card data breach late in 2016 at nearly 1,000 of its domestic locations, the company announced Thursday.
According to a company statement, the company identified signs of the operation of malware designed to access payment card data from cards used onsite at front desks at certain locations between September 29, 2016 and December 29, 2016.
InterContinental Hotels Group is the parent company of hotel chains Holiday Inn, Candlewood Suites, Crowne Plaza and Staybridge Suites.
"IHG has been working closely with the payment card networks as well as with the cyber security firm to confirm that the malware has been eradicated and evaluate ways for franchisees to enhance security measures. Law enforcement also has been notified," the company said in a statement.
The company added that it has since added security measures, rendering the malware harmless.
Among the information that may have been breached, customers' names in addition to card numbers, expiration dates and internal verification code were potentially stolen.