Cyberattack Launched upon InterContinental Hotels Group
The Network Breach Disrupts Booking System and Other Applications.
InterContinental Hotels Group PLC (also known as IHG Hotels & Resorts) announced on September 5, 2022, that its network has been breached. The attack disrupted the hospitality company’s systems like booking and other applications.
IHG announced the cyberattack to the authorities and is dealing with it helped by a group of external experts. The aim is to restore all the systems as soon as possible, meanwhile offering support to the hotels and operators that are affected by the incident.
What Kind of Attack Was It
“InterContinental Hotels Group PLC (IHG or the Company) reports that parts of the Company’s technology systems have been subject to unauthorised activity. IHG’s booking channels and other applications have been significantly disrupted since yesterday, and this is ongoing.”, the company said in a declaration to the London Stock Exchange on Tuesday, September 6.
The nature, extent and impact of the incident are still to be assessed, but the company’s declaration made many experts suspect a ransomware attack. In which case “the threat actors have deployed ransomware payloads and encrypted systems on IHG’s network”, according to BleepingComputer.
In the usual unfolding of these types of events, the malicious actors have taken the opportunity to snatch important data from the victim’s network previous to the encryption. These data are later used in double extortion when the cybercriminals threaten the target to publish the sensitive information online if a ransom is not paid.
From BleepingComputer’s tests, the hotel group’s APIs are also down and showing 502 and 503 HTTP errors. Customers are also unable to log in at the moment, with IHG’s app displaying “Something went wrong. The credentials you entered are invalid. Please reset your password or contact Customer Care.” errors.
This Is Not the First Attack for IHG’s
It was only last month when Holiday Inn Istanbul Kadıköy, part of IHG Hotels, was the victim of a cyberattack claimed by the Lockbit ransomware gang.
Back in 2017 the company was the victim of a three months long security breach from September 29 to December 29. The Breach affectied more than 1,200 hotel from the InterContinental franchise in U.S.
IHG Hotels & Resorts is a British multinational company that owns 6,028 hotels in more than 100 countries and plans to develop 1,800 more. Under its umbrella, we can find hotel chains as: InterContinental, Regent, Six Senses, Crowne Plaza, and Holiday Inn.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.