The Holiday Inn hotel chain is hacked. The password was ‘Qwerty1234’

The Holiday Inn hotel chain is hacked. The password was ‘Qwerty1234’
The Holiday Inn hotel chain is hacked. The password was ‘Qwerty1234’
Photo: IHG

On Monday of last week, customers of Holiday Inn and other IHG group hotels had trouble making reservations and checking in. For 24 hours, IHG responded to complaints on social media saying its systems were “under maintenance.” On Tuesday afternoon, the publicly traded company admitted to his investors who had been the victim of a hack.

Now BBCNews publishes that the attackers accessed the firm’s databases thanks to the fact that the group used a common password: Qwerty1234.

IHG is a British firm that operates 6,000 hotels worldwide, including Holiday Inn, Crowne Plaza and Regent branded hotels. BBC News was able to communicate with its attackers via Telegram. Known as TeaPea, they claimed to be a hacker couple from Vietnam who had hacked to the group “for fun”. However, everything indicates who acted out of revenge, deleting large amounts of data after a botched ransomware attack.

The attackers gained access to IHG’s internal network through social engineering, tricking an employee into downloading malware from an email attachment. they had planned a ransomware (hijack IHG data with encryption for ransom), but the company managed to isolate its servers before they could implement it.

Instead, the hackers launched a wiper attack, irreversibly deleting a large amount of data from IHG’s servers.

G/O Media may get a commission

21% Off

50″ Amazon Fire 4K TV With A 4-Year Protection Plan

keep it covered
Means you’ll be protected from mechanical and electrical failures and faults on your 4K ultra HD television that has Alexa control, and acts as a hub for loads of streaming services, making them not only easier to access, but also look fantastic.

To gain access to the most sensitive parts of the network, the hackers had to bypass a security prompt that is sent to workers’ devices as part of a two-factor authentication system. Later they found the credentials in the company’s internal password vault.

“The vault username and password were available to all employees, so it could be seen by 200,000 people”, they told the BBC. To top, the password was extremely common: Qwerty1234.

According to screenshots confirmed by BBC News, the attackers gained access to internal Outlook emails, Microsoft Teams chats and company server directories. the attackers would not have stolen customer data, but yes corporate data, such as internal emails.

As for client systems, IHG says that are returning to normal, but the service may still fail intermittently.

The article is in Spanish

Tags: Holiday Inn hotel chain hacked password Qwerty1234

PREV The best eco-friendly solutions for your home are at Leroy Merlin
NEXT Alert due to failure in vehicles manufactured by BRP