IHG Hotels was hacked earlier this month. Their systems were down. They could not take reservations. The chain was impaired for several days.
Now we know the story.
- A couple from Vietnam intended a ransomware attack, but the chain was able to isolate its systems to prevent this.
- Hackers accessed “the company’s internal Outlook emails, Microsoft Teams chats and server directories.”
- Since they couldn’t make money from the attack they just went ahead and deleted data for fun.
According to the pair,
We don’t feel guilty, really. We prefer to have a legal job here in Vietnam but the wage is average $300 per month. I’m sure our hack won’t hurt the company a lot.
The perpetrators say that no customer data was stolen “but they do have some corporate data, including email records.”
It began with phishing, with an employee downloading an attachment from an email. Apparently systems were broadly accessible by employees, so they had a wide surface for attack. The password they needed once gaining access through an employee? Qwerty1234.
An IHG spokesperson says “IHG employs a defence-in-depth strategy to information security that leverages many modern security solutions.”