Global hotel chain InterContinental Hotels said a third of its franchised properties in the United States were hit late last year by malware that can steal guests’ credit card information.
Some 1,200 U.S.-based franchised properties and one hotel in Puerto Rico were affected between September 29 and December 29, spokesman Neil Hirsch said on Wednesday.
The company had 3,633 franchised properties in the Americas at the end of 2016, he said, while a “small percentage” of franchisees have not yet taken up the company’s offer to investigate their systems to check for evidence of problems.
He declined to say what financial impact the hack might have on the company or whether the breach would be covered by its insurance policies.
For more about hacking, watch:
The company said Friday that there is no evidence of unauthorized access to payment card data after December 29, 2016, but that a cyber security firm hired to investigate the breach did not confirm the malware was eradicated until February and March.
The malware searched for track data – including a cardholder’s name and card number, expiration date, and internal verification code – read from the magnetic stripe of a payment card as it was being routed through the affected hotel server.
Get Data Sheet, Fortune‘s technology newsletter.
The brands affected were Holiday Inn, Holiday Inn Express, Hotel Indigo, Crowne Plaza, Candlewood Suites and Staybridge Suites, Hirsch said.
In February, InterContinental said 12 of its 286 managed properties in the Americas were hit by similar malware.