The Intercontinental Hotels Group was ‘Hacked for Fun!’

Uploaded on 2022-09-30 in TECHNOLOGY--Hackers, FREE TO VIEW

Hackers  carried out a destructive cyber-attack against the Holiday Inn owner Intercontinental Hotels Group (IHG) "for fun". The IT systems of InterContinental Hotels Group IHG), the global hospitality organisation that operates 17 hotel brands around the world, have been compromised, causing ongoing disruption to the corporation's online booking systems and other services.

The hackers, who claim to be Vietnamese got into the firm's databases by using a weak password, 'Qwerty1234' and say they first tried a ransomware attack, then deleted a large amount of data before they were stopped

IHG operates 6,000 hotels around the world, including the Holiday Inn, Crowne Plaza and Regent brands. And recently customers said that there were serious problems with booking and check-in.

For 24 hours IHG responded to complaints on social media by saying that the company was "undergoing system maintenance" and a day or so later IHG said it had been hacked.

The hackers, calling themselves TeaPea, contacted the BBC on the encrypted messaging app, Telegram, providing screenshots as evidence that they had carried out the hack.The images, which IHG has confirmed are genuine, show they gained access to the company's internal Outlook emails, Microsoft Teams chats and server directories.

"Our attack was originally planned to be a ransomware but the company's IT team kept isolating servers before we had a chance to deploy it, so we thought to have some funny [sic]. We did a wiper attack instead," one of the hackers said.

TeaPea say they gained access to IHG's internal IT network by tricking an employee into downloading a malicious piece of software through a booby-trapped email attachment. They also had to bypass an additional security prompt message sent to the worker's devices as part of a two-factor authentication system.

The criminals then say they accessed the most sensitive parts of IHG's computer system after finding login details for the company's internal password vault. "The username and password to the vault was available to all employees, so 200,000 staff could see. And the password was extremely weak," they told the BBC.

Surprisingly, the password was Qwerty1234, which regularly appears on lists of most commonly used passwords worldwide.

IHG is working to fully restore all systems as soon as possible and to assess the nature, extent and impact of the incident. We will be supporting hotel owners and operators as part of our response to the ongoing service disruption. IHG's hotels are still able to operate and to take reservations directly.

BBC:   Star Kenya:    The Register:    Head for PointsViewFromTheWing:   StreetInsider:    Bleeping Computer

You Might Also Read: 

Improve Your Password Security:

 

 

« Google Loses Its Appeal & Must Pay €4.1Billion EU Penalty
Russia Plans To Dominate Military AI »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Social-Engineer Inc

Social-Engineer Inc

Social-Engineer is a consulting and training company specializing in the science of social engineering in the context of digital security.

MyCERT

MyCERT

MyCERT is the National Computer Emergency Response Team of Malaysia.

Sparta Consulting

Sparta Consulting

Sparta Consulting is an information management and business development full service provider.

Block Armour

Block Armour

Block Armour is a Mumbai and Singapore based venture focused on harnessing emerging technologies to counter growing Cybersecurity challenges in bold new ways.

3Elos

3Elos

3Elos operates in the Information Technology market with a focus on research, development, consulting, marketing and implementation of Information Security solutions.

Technology Law Alliance (TLA)

Technology Law Alliance (TLA)

Technology Law Alliance is a specialist IT law firm focussed on the fields of technology, outsourcing and e-commerce.

TalaTek

TalaTek

TalaTek is a full-service risk management firm providing expert services in risk management, cybersecurity, and compliance.

Uptycs

Uptycs

Uptycs combines the open source universal agent, osquery, with a scalable security analytics platform for fleet visibility, intrusion detection, vulnerability monitoring and compliance.

JupiterOne

JupiterOne

JupiterOne is the security product that is changing how organizations manage and secure their software defined assets.

Ultra Electronics

Ultra Electronics

Ultra specialises in providing application-engineered bespoke solutions. We focus on mission critical and intelligent systems in the defence, security, critical detection & control markets.

Cipher

Cipher

Founded in 2000, Cipher is a global cybersecurity company that delivers a wide range of Managed Security Services.

Accolite Digital

Accolite Digital

Accolite is an innovative, design thinking software company that guarantees seamless digital experiences with maximum results.

Everbridge

Everbridge

Everbridge provides enterprise software applications that automate and accelerate organizations’ operational response to critical events in order to keep people safe and businesses running.

Yogosha

Yogosha

Yogosha is a crowdsourced cybersecurity platform enabling a win-win collaboration with the most talented hackers to detect and fix vulnerabilities on your most critical systems.

TuxCare

TuxCare

TuxCare make Linux more secure. We take care of Linux so that organizations can use Linux to support environments that require high levels of Cybersecurity, stability, and availability.

Hetz Ventures

Hetz Ventures

Hetz Ventures is a global-facing VC investing in highly talented and ambitious Israeli founders who operate at the cutting edge of deep technology.