If you stayed at a Holiday Inn, Holiday Inn Express, Crowne Plaza, Staybridge or InterContinental hotel in the United States last fall, you may want to check your credit card statements.

  • IHG hotels affected by data breach
  • Malware was used to access credit card information
  • Breach happened between Sept. 29-Dec. 29, 2016

InterContinential Hotels Group said that credit card systems at multiple hotels had been breached.

This is the second breach the company has revealed this year. In February, the company announced one that affected 12 hotels in the U.S.

In a notice posted to its site, IHG says the second breach happened at select hotels between Sept. 29 and Dec. 29 last year. However, the company says there’s no evidence that credit card data was accessed.

The company hired a cyber security firm, which found evidence of malware designed to access payment card data from cards used at the hotels’ front desks. The malware generated unauthorized charges on those cards, IHG says. Cardholder names and card numbers were likely accessed.

IHG hasn’t revealed the exact number of hotels that were affected by the breach. However, customers can use a lookup tool the company has posted on its website to search for hotels in select state and cities.  

In Orlando, five hotels are listed, including the Holiday Inn Express at Orlando International Airport. Tampa also has five hotels listed.

Although the breach mostly affects hotels in the U.S., a hotel in Puerto Rico was also affected.

IHG says it’s working closely with payment card networks and a cyber security firm to look for ways to increase security measures.