(Reuters) - InterContinental Hotels Group Plc-owned Kimpton Hotels & Restaurants said an investigation had found a malware attack on servers that processed payment cards used at some of its hotels.
The news comes nearly three weeks after a data breach was reported at 20 U.S. hotels operated by HEI Hotels & Resorts for InterContinental, Hyatt Hotels Corp, Starwood Hotels & Resorts Worldwide Inc and Marriott International Inc.
Kimpton said on Wednesday that the malware installed was designed to track card number, cardholder name, expiration date and internal verification code.
The company launched a probe after it was informed in July of “unauthorized charges occurring on payment cards after they had been used by guests at the restaurant in one of our hotels.”
The incident involved cards used between Feb. 16 and July 7 at some of its properties, Kimpton said.
The company has published a list of the affected properties on its website.
HEI Hotels said this month that the data breach might have divulged payment card data from tens of thousands of food, drink and other transactions at the affected hotels.
Reporting by Sruthi Shankar in Bengaluru; Editing by Kirti Pandey