Hackers said they roamed throughout the databases of the company that owns Holiday Inn, destroying data once they were thwarted in their attempt to launch a ransomware attack. The Intercontinental Hotels Group intrusion last week worried experts in a couple of ways, the BBC reports. The hackers were blocked at first but got around IT team's effort and abandoned the ransomware plan. "The hackers' change of tactic seems born out of vindictive frustration," said Rik Ferguson, a cyber-security specialist Rik Ferguson. "They couldn't make money so they lashed out, and that absolutely betrays the fact that we are not talking about 'professional' cybercriminals here."
The hackers, who identified themselves as a couple from Vietnam, contacted the BBC, showing screenshots as proof of their success. They showed the hackers got to internal emails and group chats, for instance. IT isolated servers before they could deploy the ransomware, "so we thought to have some funny," one of them said. "We did a wiper attack instead"—which permanently destroys data. The hackers said they took company data but not customer information. "I'm sure our hack won't hurt the company a lot," they said. IHG, which has 6,000 hotels, informed the London Stock Exchange that its booking systems had been disrupted, and customers reported having problems booking and checking in.
For the first 24 hours, the UK company, which operates the Holiday Inn, Crowne Plaza, and Regent brands, told customers on social media that the problems were caused by system maintenance, per Tech Times. IHG told its investors the real cause Tuesday afternoon. The hackers said they were aided in getting to the most restricted company data by the simplicity of one of the passwords: Qwerty1234. "The password was extremely weak," they told the BBC. The hackers expressed no regrets. "We don't feel guilty, really," one said. "We prefer to have a legal job here in Vietnam but the wage is average $300 per month." (More hackers stories.)