A couple who tried to facilitate a ransomware attack on Intercontinental Hotels Group (IHG) deleted data from the hotel chain after their plans failed.
The company, which owns Holiday Inn, suffered the hack after a duo called TeaPea became frustrated when IHG’s internal IT team kept isolating servers, preventing them from carrying out the ransomware attack. In retaliation, the couple switched to a wiper attack which destroyed data, documents and files. They gave information to the BBC over messaging app Telegram, with screenshots from the attack as evidence, which IHG later confirmed were real.
TeaPea was able to gain access to the FTSE 100 firm’s databases due to a weak password, Qwerty1234. The couple did this by tricking an employee via phishing with a malicious email attachment.
The duo was able to gain access to IHG’s Outlook emails, Microsoft Teams chats and server directories. While no customer data was stolen, some corporate data was. IGH states that services may still be intermittent at this time.
Sign up to our mailing list to receive more IT related educational information:
0 comments on “How A Failed Cyber Attack Led To Hotel Hack”