Deleted popular hotel chain’s data ‘for fun,’ claims hacker couple

The Intercontinental Hotels Group (IHG), which owns Holiday Inn, was the target of a destructive cyberattack by hackers who claimed they did it “for fun”.

According to the BBC, the IHG identified as a couple from Vietnam and claim that after attempting a ransomware assault, which was unsuccessful, the duo erased a significant amount of data.

The hackers accessed the FTSE 100 firm’s databases and quickly found that the password was Qwerty1234.

The hackers, calling themselves TeaPea, contacted the BBC on the encrypted messaging app, Telegram, providing screenshots as evidence that they had carried out the hack.

The images, which IHG has confirmed are genuine, show they gained access to the company’s internal Outlook emails, Microsoft Teams chats and server directories.

“Our attack was originally planned to be ransomware but the company’s IT team kept isolating servers before we had a chance to deploy it, so we thought to have some funny [sic]. We did a wiper attack instead,” one of the hackers said.

A wiper attack is a cyber-attack that irreversibly destroys data, documents and files.

An expert said the case highlights the vindictive side of criminal hackers.

UK-based IHG operates 6,000 hotels worldwide, including the Holiday Inn, Crowne Plaza and Regent brands.

On Monday last week, customers reported widespread problems with booking and check-in, the report said.

For 24 hours, the IHG responded to complaints on social media by saying that the company was “undergoing system maintenance”. Then on Tuesday afternoon, it told investors that it had been hacked.

The IHG said customer-facing systems are returning to normal but that services may remain intermittent.

The hackers showed no remorse about the disruption they had caused the company and its customers.

“We don’t feel guilty, really. We prefer to have a legal job here in Vietnam, but the wage is an average of $300 per month. I’m sure our hack won’t hurt the company a lot.”

The hackers said no customer data was stolen, but they do have some corporate data, including email records.

Related Posts