InterContinental Hotels Group (IHG) PLC has confirmed that it suffered a data breach with the website down since Sunday evening.
The group, which includes Crowne Plaza, Holiday Inn and InterContinental Hotel & Resorts, confirmed that parts of the company’s technology systems had been “subjected to unauthorized activity”.
It added that its booking channels and other apps had also been significantly disrupted in the meantime.
A statement from the group reads: “IHG has implemented its response plans, is notifying relevant regulatory authorities and is working closely with its technology providers. External specialists have also been hired to investigate the incident.
“IHG is working to fully restore all systems as soon as possible and to assess the nature, extent and impact of the incident. We will support hotel owners and operators as part of our response to the ongoing service disruption. IHG hotels are still able to operate and take reservations directly.
He added that he would provide a new update “if needed”, but said YourMoney.com that customers don’t have to do anything, like change their password or inform their bank. However, he continues to monitor the situation.
Rob Burgess of loyalty website, Head for Points, said: ‘IHG’s website was down Sunday night and all Monday. It was billed as maintenance, but it’s now clear that IHG fell victim to a major hacking attack.
“Hotels have lost two to three days worth of bookings, and possibly more to come. There will no doubt be members who cannot cancel bookings and will face penalties. cannot see the status level of incoming customers.
“Now we need to see what was stolen in terms of credit card data, passport data, email addresses etc. If sensitive data was taken, the legal settlement in the EU alone is likely to be £100-200 million. , given pre-pandemic settlements reached by British Airways and Marriott for similar breaches.
“Customers will be rightly worried about their IHG data”
Nick Graham, chief technology officer at information security company Hicomply, recommends that customers monitor their accounts and credit reports.
Graham said: “At this point it is unclear whether the cyberattack was DoS [Denial-of-Service], Ransomware, personal data theft or a combination thereof. IHG will work to resolve issues currently affecting their platforms and to understand what data, if any, has been stolen so that it can identify affected individuals before making further announcements.
“Customers will be rightly concerned about their IHG data, whether they have recently booked with an IHG Group hotel, are members of an IHG hotel loyalty program, or have credit cards on file with brands under IHG, at this point I would recommend the individuals monitor their financial accounts, monitor credit reports.
“If they are not currently using a credit reporting solution or bureau such as Experian, Transunion or Equifax, it is worth signing up. With these products, individuals can monitor their credit activity and will be able to spot any unusual credit inquiries or use of credit.As a customer of a credit bureau, you can also add a fraud alert to your credit report, which will notify a potential lender of you. contact before extending new credit.
He added: “If IHG takes the initiative to contact customers and inform them that their data has been stolen, the action now would be to inform your banks and other lines of credit of the breach, block all bank cards I would also recommend people lock their credit report, which will prevent lenders from accessing the credit report.”