Ongoing Attack Affects Hospitality Chain’s Reservation System
Publicly traded InterContinental Hotels Group is in day three of an ongoing cyberattack disrupting the ability of would-be patrons to book rooms.
The U.K.-based hospitality group operates about 6,000 hotels that range from swanky to roadside functional in more than 100 countries. It disclosed the attack in a Tuesday filing with the London Stock Exchange.
Parts of its technology infrastructure “have been subject to unauthorized activity,” the company disclosed.
InterContinental Hotels Group has “implemented its response plans, is notifying relevant regulatory authorities and is working closely with its technology suppliers,” it said. It employs approximately 325,000 individuals, and its portfolio includes more than a dozen brands, including InterContinental Hotels & Resorts and Holiday Inn Express.
As of publication, visitors to some of the chain’s properties are asked to call to make a booking while other websites appear responsive to booking requests.
Cybersecurity intelligence firm Hudson Rock estimates more than 4,000 users, including 15 employees, have been compromised by the attack. Hudson Rock CEO Roi Carthy told Information Security Media Group that telemetry indicates multiple InterContinental employees downloaded malware compromising their credentials. Carthy said his company uses social engineering techniques that enable it to acquire data directly from threat actors who have compromised computers with malware.
This isn’t the hotel chain’s first brush with a malware incident. In 2020, it settled a class action lawsuit filed after cybercriminals stole payment card data over a five-month period in late 2016 from a clutch of the group’s U.S.-based hotels. InterContinental agreed to pay up to $250 per class member, and the total payout was capped at $1.55 million.