InterContinental Hotels Group (IHG) has confirmed that it has sustained a cyber attack which experts are suggesting could be ransomware in nature.
IHG owns hotel brands such as Holiday Inn, Holiday Express, Regent, Crowne Plaza, Kimpton, and Six Senses. It confirmed the attack with a filing to the London Stock Exchange (LSE) on Tuesday.
Part of the disclosure to the LSE mentioned how “IHG is working to fully restore all systems as soon as possible” - wording often used when a cyber security incident involves ransomware.
Cyber security experts have suggested the incident could be ransomware too, adding to the growing speculation which has not yet been confirmed by IHG.
Other researchers pointed out that the LockBit ransomware operation also claimed an attack on an Istanbul-based branch of IHG-owned Holiday Inn last month.
IHG said in the filing that its booking channels and “other applications” have been “significantly” disrupted since Monday.
IHG customers have been complaining on social media about reservation issues and users appearing to be IHG employees claim their shifts “have been hell all day”.
“IHG has implemented its response plans, is notifying relevant regulatory authorities and is working closely with its technology suppliers. External specialists have also been engaged to investigate the incident,” the company said in its filing.
RELATED RESOURCE
Escape the ransomware maze
Conventional endpoint protection tools just aren’t the best defence anymore
“IHG is working to fully restore all systems as soon as possible and to assess the nature, extent and impact of the incident. We will be supporting hotel owners and operators as part of our response to the ongoing service disruption. IHG's hotels are still able to operate and take reservations directly.
“A further update will be provided as and when appropriate.”
In 2016, IHG fell victim to several cyber attacks that caused widespread disruption. During two instances in the space of just a few months, IHG customers’ payment details were put at risk.
One instance involved 20 of the company’s hotels being hit with malware targeting its point-of-sale systems, potentially exposing payment details to hackers.
A month later, it was also targeted by a three-month attack on its systems during which time malware was used to access customers’ stored payment details.
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
Volkswagen confirms security ‘incident’ amid ransomware breach claimsNews Volkswagen has confirmed a security "incident" has occurred, but insists no IT systems have been compromised.
-
The number of ransomware groups rockets as new, smaller players emergeNews The good news is that the number of victims remains steady
-
Teens arrested over nursery chain Kido hacknews The ransom attack caused widespread shock when the hackers published children's personal data
-
NCA confirms arrest after airport cyber disruptionNews Disruption is easing across Europe following the ransomware incident
-
Cyber professionals are losing sleep over late night attacksNews Hackers are biding their time and launching attacks when businesses can’t respond
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
