InterContinental Hotels Group confirms disruption in their tech systems and operations from recent cyberattack.
InterContinental Hotels Group, also known as IHG Hotels & Resorts stated that their booking channels and other tech applications they used have been experiencing significant disruptions since yesterday.
The company detected an unauthorized activity in its technology systems. IHG Hotels & Resorts is a multinational hotel and resort company with its headquarters in England and Wales.
It is a family of 17 hotel brands and has over 6,000 open hotels in 100 countries, in addition to more than 1,800 hotels that are currently in the process of being developed.
Some of the hotel brands under the brand are Regent, Holiday Inn, Six Senses, and many more.
InterContinental Hotels Group Cyberattack
The InterContinental Hotels Group has numerous hotel chains connected to it. From the attack yesterday until now, their internal systems, including booking channels, are still unavailable.
According to IHG, it is continuing to work on fully restoring all of their systems as quickly as possible while simultaneously determining the nature of the incident, its scope, and the impact it has had.
IHG has put its response plans into action. The company stated that they are in the process of notifying the appropriate regulatory authorities and are collaborating closely with third party technology vendors to help them address the problem at hand.
In addition, IHG Hotels & Resorts has brought in outside experts to assist with the investigation of the incident. As part of their response to the ongoing disruption in service, the company will be providing assistance to owners and operators of hotel properties.
The hotels that are part of the InterContinental Hotels Group brand can still function normally and take direct bookings.
Furthermore, a cybersecurity company, Hundson Rock, stated that the incident at InterContinental Hotels Group compromised at least 15 employees and more than 4,000 users, based on the data linked to their ihg[.]com domain.
However, the spokesperson of the company refused to comment on that, saying that other than the statement, they do not have anything more to say at the moment.
The company stated that they would give further updates when the situation is appropriate.
Read Also: Hotels, Travel Companies are Targeted by Hacker Using Fake Reservations
The InterContinental Hotels Group Disruption Could Be a Ransomware
In the InterContinental Hotels Group statement, it did not disclose any information regarding the nature of the attack.
However, it did acknowledge in its disclosure that it was attempting to restore the systems and channels that were affected.
That statement could be an indicator that the company's cyberattack and system disruption might be caused by a ransomware attack.
The ransomware group behind it could have released payloads on IHG and then encrypted its systems.
Data breaches and ransomware attacks have become increasingly worse and more innovative nowadays. Numerous threat actors and groups have come up with an orchestrated plan of ransomware to force companies and organizations to pay ransom.
According to BleepingComputer, the vast majority of ransomware attacks begin with the perpetrators stealing sensitive data from the networks of their victims before beginning the encryption process.
This information is subsequently put to use in double extortion schemes, in which the victims are blackmailed into paying a ransom under the pretense that the stolen data will be made public.
The LockBit ransomware gang claimed responsibility for an attack on one of IHG's hotels, the Holiday Inn Istanbul Kadkoy, which occurred one month ago.
According to tests conducted by BleepingComputer, the hotel group's APIs are also down and are displaying HTTP status codes of 502 and 503.
Related Article: LockBit Ransomware Strengthens Extortion Schemes Amidst DDoS Attacks
