The Intercontinental Hotels Group was ‘Hacked for Fun!’

Uploaded on 2022-09-30 in TECHNOLOGY--Hackers, FREE TO VIEW

Hackers  carried out a destructive cyber-attack against the Holiday Inn owner Intercontinental Hotels Group (IHG) "for fun". The IT systems of InterContinental Hotels Group IHG), the global hospitality organisation that operates 17 hotel brands around the world, have been compromised, causing ongoing disruption to the corporation's online booking systems and other services.

The hackers, who claim to be Vietnamese got into the firm's databases by using a weak password, 'Qwerty1234' and say they first tried a ransomware attack, then deleted a large amount of data before they were stopped

IHG operates 6,000 hotels around the world, including the Holiday Inn, Crowne Plaza and Regent brands. And recently customers said that there were serious problems with booking and check-in.

For 24 hours IHG responded to complaints on social media by saying that the company was "undergoing system maintenance" and a day or so later IHG said it had been hacked.

The hackers, calling themselves TeaPea, contacted the BBC on the encrypted messaging app, Telegram, providing screenshots as evidence that they had carried out the hack.The images, which IHG has confirmed are genuine, show they gained access to the company's internal Outlook emails, Microsoft Teams chats and server directories.

"Our attack was originally planned to be a ransomware but the company's IT team kept isolating servers before we had a chance to deploy it, so we thought to have some funny [sic]. We did a wiper attack instead," one of the hackers said.

TeaPea say they gained access to IHG's internal IT network by tricking an employee into downloading a malicious piece of software through a booby-trapped email attachment. They also had to bypass an additional security prompt message sent to the worker's devices as part of a two-factor authentication system.

The criminals then say they accessed the most sensitive parts of IHG's computer system after finding login details for the company's internal password vault. "The username and password to the vault was available to all employees, so 200,000 staff could see. And the password was extremely weak," they told the BBC.

Surprisingly, the password was Qwerty1234, which regularly appears on lists of most commonly used passwords worldwide.

IHG is working to fully restore all systems as soon as possible and to assess the nature, extent and impact of the incident. We will be supporting hotel owners and operators as part of our response to the ongoing service disruption. IHG's hotels are still able to operate and to take reservations directly.

BBC:   Star Kenya:    The Register:    Head for PointsViewFromTheWing:   StreetInsider:    Bleeping Computer

You Might Also Read: 

Improve Your Password Security:

 

 

« Google Loses Its Appeal & Must Pay €4.1Billion EU Penalty
Russia Plans To Dominate Military AI »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Bsquare

Bsquare

Bsquare DataV software and engineering services help enterprises implement business-focused Internet of Things systems.

ISACA Conferences

ISACA Conferences

ISACA is dedicated to offering the most dynamic and inclusive conferences to keep you abreast of the latest advances in IT and Information Security.

Quorum Cyber

Quorum Cyber

Quorum Cyber offer end-to-end cyber security solutions, specialising in Managed Security Services, Consulting and Resourcing.

AntemetA

AntemetA

AntemetA specializes in network infrastructure, security and cloud computing, helping companies transform their Information Systems.

Cyber Discovery

Cyber Discovery

Cyber Discovery, the UK Government's Cyber Schools Programme, is a learning programme designed to give young people the opportunity to learn the skills needed to enter the cyber security profession.

Resilience First

Resilience First

Resilience First is a not-for-profit organisation, led and funded by business to strengthen collective business resilience in all areas, including cyber security.

Reed

Reed

reed.co.uk is a leading job site in the UK, providing a full online service for anyone looking for a new job.

Qrator Labs

Qrator Labs

Qrator Labs is a leader in DDoS attack mitigation, helping organizations protect their websites from the most harmful, sophisticated DDoS attacks.

Lunio

Lunio

Lunio makes the internet a safer and more reliable place for everyone trying to grow their business by automatically getting rid of fake clicks, traffic, and leads on all ad platforms.

Inpher

Inpher

Inpher has pioneered cryptographic Secret Computing® that enables advanced analytics and machine learning while keeping data private, secure, and distributed.

e5 Lab

e5 Lab

e5 Lab seeks to develop solutions to challenges faced by the shipping industry including digital transformation, autonomous technologies and big data in order to promote safe and efficient operations.

National Cybersecurity Consortium (NCC) - Canada

National Cybersecurity Consortium (NCC) - Canada

The NCC’s mandate is to keep Canada’s cyber and critical infrastructures and citizens safe while ensuring Canada’s global competitiveness and leadership in cybersecurity.

Flat6Labs

Flat6Labs

Flat6Labs is the MENA region’s leading seed and early stage venture capital firm, currently running the most renowned startup programs in the region.

Infinavate

Infinavate

Infinavate Fort CyberVault offers end-to-end services that comprehensively responds to the organization’s information security and privacy needs.

TrustMe

TrustMe

TrustMe’s integrated platform for business trust and resilience keeps organizations safe, secure, and trustworthy.

Security4Media

Security4Media

Security4Media is a non-profit association set up to reduce risks and support trust in media, in the face of increasing cybersecurity threat levels.