Suspected Ransomware Attack on InterContinental Hotels Affected Over 4,000 Guests
According to an analysis by cyber intelligence company Hudson Rock, just over 4,000 InterContinental Hotels Group users and 15 of its 325,000 employees were compromised in the attack.
This week, hospitality major InterContinental Hotels Group (ICH) was victimized by a cyberattack that compromised parts of its systems and disrupted some operational elements, including booking channels and other applications.
ICH confirmed the attack in a filing submitted to the London Stock Exchange, where it is listed. However, the company didn’t reveal the type of the attack, leading stakeholders to speculate the precise scope of what “unauthorized access” of its technology systems constitutes.
Based on what is known so far, a theory that cybersecurity experts are floating is the possibility of the incident being a ransomware attack. Drew Perry, CEO of Tiberium.io, told Spiceworks, “While it is unconfirmed, the attack does look like it’s ransomware, and IHG will likely be in negotiations with the attackers to try to restore access and get their systems back up and running.”
Cybersecurity researcher Kevin Beaumont took it to Twitter to express the same.
IHG Hotel Group incident is ransomware
— Kevin Beaumont (@GossiTheDog) September 6, 2022
Ransomware generally entails infiltration and compromise, exfiltration of data, and the encryption of data/systems/networks. Hospitality was the eighth most targeted sector by ransomware groups between March 2021 and April 2022.
According to the analysis by cyber forensics and intelligence company Hudson Rock, 4,053 ICH users and 15 of its 325,000 employees were compromised in the attack whose perpetrator remains unknown.
See More: Ransomware Attack Hits USA’s Top School District LA Unified, FBI Joins Investigation
ICH operates 6,028 hotels, including some of the most popular brands, such as InterContinental, Holiday Inn, Holiday Inn Express, Crowne Plaza, Regent, Atwell Suites, Kimpton, and Six Senses across 100 countries. The company was unable to accept online bookings earlier this week. Services seem to have been restored as of today.
It is difficult to determine whether the latest cyberattack is more significant than the 2016 breach of the ICH systems. Initially thought to have been a minor breach that affected 12 of its properties, the actual scope of the previous attack was much more extensive. Between September 29 to December 29, 2016, 1,175 properties were infected by malware designed to steal credit card data.
In the last four years, another hospitality bigwig Marriott International has been breached thrice, resulting in the compromise of the personally identifiable information of up to 338 million guests of one of its brands (Starwood) in 2018, 5.2 million in 2020, and 20 gigabytes of confidential and proprietary business documents, guests and personnel, in June 2022.
Marriott was also fined £18.4 million ($23.8 million) by the U.K’s data regulator Information Commissioner’s Office for failing to protect the data of the 338 million guests. The fine, which amounts to just ~$0.07 per guest, was significantly less than the £99.2 million ($123 million) that ICO said it would penalize.
Perry added, “This is yet another reminder of the damaging impacts of cybercrime. Not only is IHG potentially getting held to ransom for its data access, but it is also losing out on customer bookings.”
“Organizations should use this as a warning to never gamble with their cyber defenses. After all, the cost of preparing and preventing an attack is far less than the cost of recovering from one.”
Data breaches, on average, cost organizations $4.25 million in 2022, according to IBM’s 2022 Cost of Data Breach report.
Let us know if you enjoyed reading this news on LinkedIn, Twitter, or Facebook. We would love to hear from you!
MORE ON CYBERATTACKS
