Totally irrelevant to this threads discussion on merits of 4x numeric pins for IHG account security.
Earlier this year IHG revoked accounts using simple pins like 1111-9999, 1234, 4321, 6789, 9876 etc as some still use them and hackers try these obvious passpins first, and with sucesses bypass the lock/wait implemented after 3x invalid attempts.

Link refers to old chesnut .... namely compromised POS Card Reader terminals, at a small number of hotels in a "localised area". Either targetted by rogue insider employees, r speiast external gang.
IHG and other hotel chains all get targetted from time to time with this as do other non-hotel businesses.

For safety I never use my debit cards on unattended shop checkouts and rarely use a CC either.
If I need to use a debit card to pay I am happy to join a longer queue to a permanently manned checkout/customer-assistance counter for the extra peace of mind.
Neither should you let waiter in restaurant or deskclerk in hotel dissapear with your bankcard out of sight, it only takes seconds for rogue employees to skim/clone a CC once out of your sight.
These days most businesses can and should bring a portable POS terminal to you.