Skip to Content

InterContinental Hotels Group Discloses Breach

[Updated 19 September 2022] IHG hackers come forward

Hackers describing themselves as a couple from Vietnam took credit for the hack of the InterContinental Hotel Group earlier this month. The duo told the BBC they gained access to the hotel’s network after tricking an employee into downloading and installing malware on their system through a booby-trapped email attachment. The hackers said they then found a password vault for several of the hotel group’s internal systems, including its main database, which was allegedly protected by a password of “Qwerty1234.” The hackers said they tried to install ransomware on the hotel’s network, but after failing, they just wiped the database instead, in frustration.


[Update on 12 September 2022] Holiday Inn hotels hit by cyberattack

The international hotel giant behind Holiday Inn, Crowne Plaza and Regent hotels has confirmed a cyberattack, but little else. Intercontinental Hotels Group, or IHG, issued a statement via the London Stock Exchange saying its systems “have been subject to unauthorised activity.” Vague; how helpful. IHG has more than 6,000 hotels in more than 100 countries, and has 150 million guests each year — so these aren’t small numbers. Customers were left without answers while Holiday Inn’s social media was posting on autopilot. IHG said it was “working to fully restore all systems,” with customers reporting that its booking systems were inaccessible. IHG declined to say what the cyberattack was, but it is reportedly ransomware. It’s not the first time IHG has been hacked; it confirmed a months-long cyberattack in 2016 that allowed hackers to steal credit card data, which the company settled for $1.55 million.


The InterContinental Hotels Group (IHG), which operates more than 6,000 hotels under 17 brands, disclosed a breach of its IT systems. The incident began on September 5 and was disclosed in a statement made to London (UK) Stock Exchange. The incident disrupted IHG booking systems and other applications. This is the third breach IHG has experienced since 2017.


  • IHG had $1.39B of revenue in 2021, or about $3.8M per day. If bookings of IHG’s nearly 900,000 rooms are impacted by the disruption, a 10% hit would mean the breach could be costing them almost $400k per day just in delayed, if not lost, revenue. IHG also paid over $1.5M in a legal settlement over a previous breach, which have been happening frequently at IHG. If you’ve been having trouble convincing management to back needed changes to reduce vulnerabilities, this will be the latest data point for proactive spending invariably being cheaper than incurring a meaningful breach.
  • Remember IHG operates 17 hospitality brands including Holiday Inn, Crowne Plaza, and Candlewood Suites, meaning you may be impacted even though you’ve not booked an InterContinental Hotel stay. While centralized systems are offline, local hotel operators are able to process reservations on their local systems. While this is the third attack since 2017, it is unlikely they are connected; think more of kicking someone while they are down. Which means if you’re compromised, you need to not only restore services, and remediate the weaknesses used against you, but also raise the bar overall. The IHG attackers appear to be seeking the personal data associated with reservations, which can then be resold.


Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.