The Intercontinental Hotels Group was ‘Hacked for Fun!’

Hackers  carried out a destructive cyber-attack against the Holiday Inn owner Intercontinental Hotels Group (IHG) "for fun". The IT systems of InterContinental Hotels Group IHG), the global hospitality organisation that operates 17 hotel brands around the world, have been compromised, causing ongoing disruption to the corporation's online booking systems and other services.

The hackers, who claim to be Vietnamese got into the firm's databases by using a weak password, 'Qwerty1234' and say they first tried a ransomware attack, then deleted a large amount of data before they were stopped

IHG operates 6,000 hotels around the world, including the Holiday Inn, Crowne Plaza and Regent brands. And recently customers said that there were serious problems with booking and check-in.

For 24 hours IHG responded to complaints on social media by saying that the company was "undergoing system maintenance" and a day or so later IHG said it had been hacked.

The hackers, calling themselves TeaPea, contacted the BBC on the encrypted messaging app, Telegram, providing screenshots as evidence that they had carried out the hack.The images, which IHG has confirmed are genuine, show they gained access to the company's internal Outlook emails, Microsoft Teams chats and server directories.

"Our attack was originally planned to be a ransomware but the company's IT team kept isolating servers before we had a chance to deploy it, so we thought to have some funny [sic]. We did a wiper attack instead," one of the hackers said.

TeaPea say they gained access to IHG's internal IT network by tricking an employee into downloading a malicious piece of software through a booby-trapped email attachment. They also had to bypass an additional security prompt message sent to the worker's devices as part of a two-factor authentication system.

The criminals then say they accessed the most sensitive parts of IHG's computer system after finding login details for the company's internal password vault. "The username and password to the vault was available to all employees, so 200,000 staff could see. And the password was extremely weak," they told the BBC.

Surprisingly, the password was Qwerty1234, which regularly appears on lists of most commonly used passwords worldwide.

IHG is working to fully restore all systems as soon as possible and to assess the nature, extent and impact of the incident. We will be supporting hotel owners and operators as part of our response to the ongoing service disruption. IHG's hotels are still able to operate and to take reservations directly.

BBC:   Star Kenya:    The Register:    Head for PointsViewFromTheWing:   StreetInsider:    Bleeping Computer

You Might Also Read: 

Improve Your Password Security:

 

 

« Google Loses Its Appeal & Must Pay €4.1Billion EU Penalty
Russia Plans To Dominate Military AI »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Redscan Cyber Security

Redscan Cyber Security

Redscan Cyber Security is a Managed Security Services Provider (MSSP) that enables businesses to effectively manage their information security risks.

National Cyber Security Centre (NCSC) - United Kingdom

National Cyber Security Centre (NCSC) - United Kingdom

The NCSC acts as a bridge between industry and government, providing a unified source of advice, guidance and support on cyber security, including the management of cyber security incidents.

Daon

Daon

Daon offers a universal biometric authentication platform for mobile devices.

Open Information Security Foundation (OISF)

Open Information Security Foundation (OISF)

OISF is a non-profit organization led by world-class security experts, programmers, and others dedicated to open source security technologies.

CyRise

CyRise

CyRise is a venture accelerator focused squarely on early stage cyber security startups.

Securepoint

Securepoint

Securepoint is the market leader in the development of professional “Unified Threat Management” solutions in Germany.

CoverWallet

CoverWallet

CoverWallet combines deep analytics, thoughtful design and state of the art technology to help small businesses with all their insurance needs including Cyber Liability.

SOC.OS Cyber Security

SOC.OS Cyber Security

SOC.OS is an alert correlation and triage automation tool. It correlates and prioritises your alerts, boosting productivity, enhancing threat visibility and shortening mean time to respond.

Palmchip

Palmchip

Palmchip is a Cyber Security, SOC and Software consulting company. We design and develop high performance and secure applications.

Cloud Range

Cloud Range

Cloud Range provides cybersecurity teams with access to the world's leading cyber range platform, eliminating the need to invest in costly cyber range infrastructure.

NetWitness

NetWitness

NetWitness empowers security teams to rapidly detect today’s targeted and sophisticated attacks with unparalleled visibility.

Focus on Security

Focus on Security

Focus on Security are Cyber Security recruitment specialists. We’re dedicated to connecting you with the top Cyber Security talent across the globe. We focus on partnerships and results.

C2 Risk

C2 Risk

C2 Risk are focussed on risk analytics for information assurance, privacy and ESG (Environmental, Social, and Governance).

Denodo

Denodo

Denodo transforms the way organizations operate by unifying their data assets in real time and making data ubiquitous and secure to all users and business applications.

EmberOT

EmberOT

EmberOT is at the forefront of operational technology (OT) security, offering cutting-edge solutions designed to protect critical infrastructure within energy, utilities, and manufacturing sectors.

Consortium

Consortium

Consortium goes beyond products and promises by working with enterprises to identify, acquire, and deploy cybersecurity solutions that matter.