Cyber Attack on IHG Disrupts Hotel Booking System | Concerns on Private Data Leakage

IHG Hotels & Resorts, the hotel group that owns the Holiday Inn and Intercontinental brands, experienced a cyber attack in the first week of September. 

The attack has impacted the central hotel’s booking system and mobile apps, causing a service outage for several days. Loyalty program members could not log in or create new bookings during this time. 

IHG is still assessing the nature, extent, and impact of the breach, but it has caused loyalty program members to be unable to log in or create new bookings. There were concerns regarding data leakage following the cyber attack.

InterContinental Hotels Group Cyberattack a Ransomware

IHG is a leading hotel company with over 6,000 hotels in more than 100 countries. The company’s portfolio comprises more than 3,000 hotels. 

The chain of hotels includes the Holiday Inn and Holiday Inn Express hotels, InterContinental Hotels & Resorts and Crowne Plaza properties, and the upscale Holiday Inn Resort and Holiday Inn Club Vacations brands. 

IHG’s global portfolio includes selected large-scale, mixed-use, iconic properties, exclusive limited-service brands Kimpton Hotels & Restaurants, and upscale, design-driven St. Regis Hotels & Resorts.

IHG’s investigation continues but has left unanswered concerns over the company’s breached data encryption controls and lost data. 

IHG has hired a forensics firm to investigate the breach, but only a few additional investigation details are available. In addition to the hotel booking system outage, IHG had to disable access to its mobile apps. 

The apps host a variety of customer data, but the attack’s real impact remains unknown. IHG’s decision to temporarily shut down its mobile apps raises questions about how it was able to prevent the encryption of sensitive data.

IHG has not confirmed it yet, but some threat intelligence companies on Twitter say that at least 15 IHG employees and 4,030 user accounts on the company’s internal network were compromised.

It’s believed that a leading hotel brand has been the victim of a cyber attack. Hotel cyber security experts suspect that the hotel may have been a victim of ransomware. 

This is a worrying development, as it highlights the vulnerability of large companies to cybercrime. The hotel brand has not yet released any relevant attack details, but it highlights the extent of customer data compromises. 

This fact highlights a business requirement to have robust security measures to protect itself against such threats.

IHG Disables Hotel Bookings for an Indefinite Period

IHG has provided customers with limited information about the attack, including a brief statement about the data’s encryption controls breach. 

IHG has not provided details about the number of affected customers, the type of data stolen, or the duration of the breach. 

IHG has also not released a timeline for when its guests can make new reservations. The hotel group continued to publish blog posts during the breach; however, they haven’t provided any information about the breach. 

IHG’s social media teams have also not provided any information about the breach. The hotel’s central booking system was offline for several days, preventing customers from creating new bookings or accessing online reservation data. 

IHG’s website was also temporarily offline. The hotel booking system outage means that IHG could not update its bookings with new information, such as room rate changes. 

It may have resulted in incorrect hotel rates charged to some customers. The hotel booking system outage also prevented IHG from tracking room availability and authorized hotel employees to change room availability.

On the contrary, IHG has shared a few details about the breach with reporters around the recent cyber attack. This may feel like good news, as the attack is not part of a more significant trend of cyberattacks against businesses. 

However, it is still a serious incident requiring a thorough investigation. IHG is taking steps to ensure that all customers’ information is secure and is working with law enforcement to identify the perpetrators. 

However, the earlier cyberattack has left many wondering about the real culprits and the possibility of a data breach. 

IHG stated that the attack had caused significant disruptions to its booking channels and mobile apps, which have been down since Monday. The hotel chain also said that it is working with outside hotel cybersecurity experts to help with the investigation.

Cyber Attack on IHG - Blast From the Past?

In 2016, a data breach impacted IHG, which went undetected for three months. Attackers obtained credit card data from the hotel booking system, and victims began noticing fraudulent card charges. 

In 2020, IHG agreed to pay over $1.5 million to settle a class action lawsuit related to the data breach.

There isn’t any evidence of the IHG hotel booking system data landing anonymously on the Dark Web. If this was a ransomware attack, it might not have been the “double extortion” type that also involves stealing customer payment information and sensitive internal business and employment documents.


Published on Sep 15, 2022
Shivani Dhiman
Written by Shivani Dhiman
Content Marketing Manager at Appknox


Chat With Us

Using Other Product?

Switch to Appknox

2 Weeks Free Trial!

Get Started Now