The Intercontinental Hotels Group was ‘Hacked for Fun!’

Uploaded on 2022-09-30 in TECHNOLOGY--Hackers, FREE TO VIEW

Hackers  carried out a destructive cyber-attack against the Holiday Inn owner Intercontinental Hotels Group (IHG) "for fun". The IT systems of InterContinental Hotels Group IHG), the global hospitality organisation that operates 17 hotel brands around the world, have been compromised, causing ongoing disruption to the corporation's online booking systems and other services.

The hackers, who claim to be Vietnamese got into the firm's databases by using a weak password, 'Qwerty1234' and say they first tried a ransomware attack, then deleted a large amount of data before they were stopped

IHG operates 6,000 hotels around the world, including the Holiday Inn, Crowne Plaza and Regent brands. And recently customers said that there were serious problems with booking and check-in.

For 24 hours IHG responded to complaints on social media by saying that the company was "undergoing system maintenance" and a day or so later IHG said it had been hacked.

The hackers, calling themselves TeaPea, contacted the BBC on the encrypted messaging app, Telegram, providing screenshots as evidence that they had carried out the hack.The images, which IHG has confirmed are genuine, show they gained access to the company's internal Outlook emails, Microsoft Teams chats and server directories.

"Our attack was originally planned to be a ransomware but the company's IT team kept isolating servers before we had a chance to deploy it, so we thought to have some funny [sic]. We did a wiper attack instead," one of the hackers said.

TeaPea say they gained access to IHG's internal IT network by tricking an employee into downloading a malicious piece of software through a booby-trapped email attachment. They also had to bypass an additional security prompt message sent to the worker's devices as part of a two-factor authentication system.

The criminals then say they accessed the most sensitive parts of IHG's computer system after finding login details for the company's internal password vault. "The username and password to the vault was available to all employees, so 200,000 staff could see. And the password was extremely weak," they told the BBC.

Surprisingly, the password was Qwerty1234, which regularly appears on lists of most commonly used passwords worldwide.

IHG is working to fully restore all systems as soon as possible and to assess the nature, extent and impact of the incident. We will be supporting hotel owners and operators as part of our response to the ongoing service disruption. IHG's hotels are still able to operate and to take reservations directly.

BBC:   Star Kenya:    The Register:    Head for PointsViewFromTheWing:   StreetInsider:    Bleeping Computer

You Might Also Read: 

Improve Your Password Security:

 

 

« Google Loses Its Appeal & Must Pay €4.1Billion EU Penalty
Russia Plans To Dominate Military AI »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Serena

Serena

Serena Software helps increase speed of the software development lifecycle while enhancing security, compliance, and performance.

Mocana

Mocana

Mocana provides a software platform that allows you to develop, test and distribute more secure IoT devices and services.

PhishLine

PhishLine

PhishLine helps Information Security Professionals meet and overcome the increasing challenges associated with social engineering and phishing.

Guidewire

Guidewire

Guidewire Cyence™ Risk Analytics is a cloud-native economic cyber risk modeling solution built to help the insurance industry quantify cyber risk exposures.

Exabeam

Exabeam

Exabeam is a global cybersecurity leader that delivers AI-driven security operations.

Fox-IT

Fox-IT

Fox-IT prevents, solves and mitigates the most serious cyber threats with smart solutions for governmental bodies, defense, law enforcement, critical infrastructure, banking and large enterprises.

Oxford BioChronometrics

Oxford BioChronometrics

By building profiles based on electronically Defined Natural Attributes, or e-DNA, Oxford BioChronometrics protects digital networks, communities, individuals and other online assets from fraud.

Cybertech

Cybertech

Cybertech Conference & Exhibition presents commercial problem solving strategies and solutions for the global cyber threat that meet the diverse challenges for a wide range of sectors.

Watchdata Technologies

Watchdata Technologies

Watchdata Technologies is a pioneer in digital authentication and transaction security.

AEWIN Technologies

AEWIN Technologies

AEWIN is professional in the fields of Network Appliance, Cyber Security, Server, Edge Computing and an ODM/OEM expert.

InfusionPoints

InfusionPoints

InfusionPoints is your independent trusted partner dedicated to assisting you in building your secure and compliant business solutions.

Vigilant Ops

Vigilant Ops

Vigilant Ops is a leader in Software Bill of Materials (SBOM) Automation. A proactive approach to cybersecurity with continuous vulnerability monitoring.

Piiano

Piiano

Piiano offers developer-friendly privacy and security products. Reduce risk and protect your data by using our specialized security and privacy SaaS tools.

Swick Technologies (SWICKtech)

Swick Technologies (SWICKtech)

SWICKtech offer IT managed services to increase IT security, stability, and performance for your organization.

Silicon Valley Cybersecurity Institute (SVCSI)

Silicon Valley Cybersecurity Institute (SVCSI)

SVCSI aims to investigate, develop, and promote technical excellence and the best security practices for dependable and secure systems and applications.

Amiosec

Amiosec

Amiosec is a British cyber innovation business specialising in delivering simple-to-use solutions to the complex problems of the modern world.