Hackers gained access to the data of the Holiday Inn hotel chain.
The hackers’ activity was detected, which is when they began their revenge. Illustration picture. PDO
Intercontinental Hotels Group (IHG), which owns the Holiday Inn hotel chain, was subjected to a cyber attack at the beginning of September. IHG owns 6,000 hotels around the world, including Crowne Plaza and Regent hotels.
IHG said in a statement on September 6 that its booking channels and apps were down. This was due to an attack by hackers calling themselves TeaPea. Behind the moniker is a Vietnamese couple.
The couple said for the BBC through the messaging service Telegram, that they initially tried to inject malware into the systems, but then ended up deleting large amounts of data because their actions were discovered.
– Our attack was originally designed as a ransomware, but the company’s IT team isolated the servers before we had a chance to deploy it. Because of this, we thought we could have a little fun. We did a wipe attack instead, the hackers said.
The hacker couple gained access to the databases through a very weak password. Qwerty1234 was used as the password, which is really easy to guess and on many lists that list the worst possible passwords.
The hackers sent the BBC images of the hack being carried out. The pictures show how people got access to the company’s Outlook e-mails, Microsoft Teams conversations and service directories.
Information security expert interviewed by the BBC Rick Ferguson said that the incident shows how the attackers were able to wreak havoc even when they were caught in the act.
– The hackers’ change of tactics seems to have been caused by vengeful frustration. They couldn’t make money, so they went berserk – and that definitely reveals the fact that they’re not ‘professional cybercriminals,’” Ferguson commented.
The attackers did not get access to customer data, and the effects are not likely to be far-reaching. According to IHG, its systems are returning to normal.