With Disruption of Booking Channels, InterContinental Hotels Group Becomes the Latest Cyberattack Target

Over the last five years, multiple other major hotel brands, including Hilton, Radisson, Hyatt and Marriott hotel groups, also fell victim to malicious cyberattacks.
By HTN Staff - 9.7.2022

InterContinental Hotels Group, which operates some of the world’s largest hotel chains, including the Holiday Inn, Crown Plaza, Regent, Crowne Plaza, Kimpton and Six Senses, reported this week that parts of the company’s technology systems were subject to unauthorized activity. IHG’s booking channels and other applications have been significantly disrupted since Tuesday and the disruption was ongoing.

According a press statement, the British multinational hospitality company has “implemented its response plans, is notifying relevant regulatory authorities and is working closely with its technology suppliers.” External specialists have also reportedly been engaged to investigate the incident.

“IHG is working to fully restore all systems as soon as possible and to assess the nature, extent and impact of the incident,” said a company spokesperson. “We will be supporting hotel owners and operators as part of our response to the ongoing service disruption. IHG’s hotels are still able to operate and to take reservations directly.”

IHG is hardly the only major hotel chain to suffer this fate. Over the last five years, multiple other major hotel brands, including Hilton, Radisson, Hyatt and Marriott hotel groups, also fell victim to malicious cyberattacks. In July 2022, Marriott suffered it’s third data breach in four years. According to reports, 20 gigabytes of sensitive data, including guests’ credit card information, was stolen with a threat actor using social engineering to trick an associate at a Marriott hotel into providing access to their computer.

Nor is this the first time IGH has been hit by a cyberattack. In April 2017, 1,200 of its hotels were compromised by a three-month-long cyberattack. Hackers reportedly gained access to guest credit card data that was then used to make hundreds of fraudulent payments. Following the data breach, IHG agreed to pay more than $1.5 million in a class action settlement.

According to a new data study from Tech.co, only 13 percent of hospitality businesses consider cybersecurity a top-three budget priority. “Our research findings should be a real wake up call for businesses of any size,” said Tech.co Deputy Editor Jack Turner.

“The problem with these data breaches is that guests sometimes don’t even know that their data got breached,” said Daniel Markuson, a digital security expert at NordVPN .