The BBC was contacted last week by a Vietnamese couple who said they carried out a destructive cyber-attack against the UK-based Intercontinental Hotels Group (IHG) “for fun”.
Yes, but that was after their initial attempt at a ransomware attack was foiled by the company’s IT team. “Our attack was originally planned to be ransomware but the company’s IT team kept isolating servers before we had a chance to deploy it, so we thought to have some funny [sic]. We did a wiper attack instead,” one of the hackers told the BBC. It had a significant impact on the operations of IHG, which operates about 6,000 hotels globally, including Holiday Inn, Crowne Plaza, and Regent brands.
Why did they contact the BBC?
The attention, perhaps. Identifying themselves as TeaPea, they contacted the BBC on Telegram, providing screenshots of the company’s internal Outlook emails, Microsoft Teams chats, and server directories as confirmation of the hack. The images in the screenshots were confirmed by IHG as genuine. The hackers gained access to the company’s databases through an easily found and weak password, Qwerty1234(a combination of the first six letters and first four numbers on a computer keyboard).
How did it affect the company?
Customers reported widespread problems with booking and check-in. In response to the complaints, IHG told customers that the company was “undergoing system maintenance”. But it could do that for only a day because by noon the following day, it told investors that it had been hacked. “Booking channels and other applications have been significantly disrupted since yesterday,” the company said in an official notice to the London Stock Exchange.