IHG data hack was done “for fun”

Perpetrators open up about IHG attack motivations

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Thecyber attack on the Intercontinental Hotels Group (IHG), which operates the Holiday Inn brand, was reportedly carried out “for fun”.

The perpetrators of the attack, who claimed to be a couple from Vietnam, told theBBCthe “attack was originally planned to be aransomwarebut the company’s IT team kept isolating servers before we had a chance to deploy it”.

The hackers, who also go by the name of “TeaPea”, then decided to “have some funny” before switching to a “wiper attack”, a variety of attack which deletes the user’s data permanently without ransoming it for financial gain.

IHG attack

IHG attack

The full scope of the incident has not yet been revealed, however, IHG said ina statementthat its booking channels and other applications had been “significantly disrupted”.

The hackers told theBBCthey used the widely-used password “Qwerty1234” to access the company’s most sensitive databases.

Before this, TeaPea gained access to the IHG IT systems by tricking an employee into downloading malicious software via a phishing email.

They also had to bypass an additional security prompt message sent to the worker’s devices as part of a two-factor authentication system.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The hackers maintained that they didn’t steal any customer data, though they did manage to access some corporate data such as emails according to the sources.

Despite the attack turning malicious, the original motivations behind it were economic.

“We don’t feel guilty, really,” they told theBBC. “We prefer to have a legal job here in Vietnam but the wage is an average $300 per month.”

They added: “I’m sure our hack won’t hurt the company a lot.”

In contrast to some of the hacker’s claims, an IHG spokesperson told the BBC that hackers would have needed to have evaded “multiple layers of security” to get into systems.

She said: “IHG employs a defence-in-depth strategy to information security that leverages many modern security solutions”.

All Los Angeles schools were hit by a huge ransomware attack>Ransomware attackers are abusing VoIP software to breach organizations>Our guide to the best firewall services

Wiper attacks are often used by national states for political ends due to the chaos they can cause.

The US National Security Agency (NSA) has alleged that the Russian government used the “AcidRain” malware todisrupt Viasat’s satellite networkvia data deletion around the time of their attack on Ukraine.

Will McCurdy has been writing about technology for over five years. He has a wide range of specialities including cybersecurity, fintech, cryptocurrencies, blockchain, cloud computing, payments, artificial intelligence, retail technology, and venture capital investment. He has previously written for AltFi, FStech, Retail Systems, and National Technology News and is an experienced podcast and webinar host, as well as an avid long-form feature writer.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

NYT Strands today — hints, answers and spangram for Sunday, November 10 (game #252)