InterContinental Hotels rocked by ‘ransomware attack’

hotelInterContinental Hotels Group, the company behind hotel brands Holiday Inn, Holiday Express, Regent, and Crowne Plaza, has confirmed that it has been hit by a cyber breach, amid claims it is the latest victim of a ransomware attack.

IHG confirmed the issue in a filing to the London Stock Exchange on Tuesday, in which it insisted it was “working to fully restore all systems as soon as possible”.

Some experts have pointed out that a ransomware operation called LockBit had already carried out a ransomware attack on an Istanbul-based Holiday Inn last month.

IHG said in the filing that its booking channels and “other applications” have been “significantly” disrupted since Monday and its admission followed a barrage of complaints in social media about reservation issues and users appearing to be IHG employees claiming their shifts “have been hell all day”.

The company said in its filing: “IHG has implemented its response plans, is notifying relevant regulatory authorities and is working closely with its technology suppliers. External specialists have also been engaged to investigate the incident.

“IHG is working to fully restore all systems as soon as possible and to assess the nature, extent and impact of the incident. We will be supporting hotel owners and operators as part of our response to the ongoing service disruption. IHG’s hotels are still able to operate and take reservations directly.

“A further update will be provided as and when appropriate.”

The travel and leisure sector appears to be one of the most common targets of hackers, as British Airways and Marriott International know to their cost. Both firms were fined a total of £38.4m in 2020 by the UK Information Commissioner’s Office for breaching GDPR by failing to protect customers’ data. However, they did manage to get their fines – originally proposed at £282m – slashed.

Related stories
Tech security staffer gets 5 years for ransomware spree
Wakey, wakey: Data breaches cost UK firms £4bn a year
Under siege: Marketers’ favourite password is ‘123456’
New cyber security laws threaten mega fines for firms
Spy chief warns of ‘alarming’ increase in ransomware