Couple behind IHG cyberattack claims they did it “for fun”

Share post:

TeaPea hackers said they had carried out a destructive cyberattack on the owner of Holiday Inn Intercontinental Hotels Group (IHG) “for fun.”

Describing themselves as a Vietnamese couple who tried a ransomware attack before deleting large amounts of data when their attempts failed, they gained access to the FTSE 100 company’s databases using an easily discovered and weak password, Qwerty1234.

The hackers claimed to have gained access to IHG’s internal IT network by tricking an employee into downloading malicious software through a busted email attachment, and by bypassing an additional security request sent to the employee’s devices as part of a two-factor authentication system. The hackers say no customer data was stolen but they do have some corporate data, including email records.

The hackers communicated with the BBC via Telegram and provided screenshots as proof of the hack. The images show that they gained access to the company’s internal Outlook emails, Microsoft Teams chats and server directories, which IHG has confirmed as genuine.

“Our attack was originally intended to be a ransomware attack, but the company’s IT team kept isolating servers before we could deploy it, so we decided to have some fun [sic]. Instead, we used a wiper attack. We don’t feel guilty, really. We prefer to have a legal job here in Vietnam, but the wage is average $300 per month. I’m sure that our hack won’t hurt the company a lot,” said one of the hackers.

Initially, IHG responded to complaints on social media by saying the company was “undergoing system maintenance.” It informed investors later on Tuesday afternoon that it had been hacked.

The sources for this piece include an article in BBC.


Related articles

Cyber Security Today, June 21, 2024 – US to ban Kaspersky for businesses, consumers

U.S. to ban the sale of Kaspersky products to consumers and businesses. Welcome to Cyber Security Today. It's Friday...

Biden administration to ban US sales of Kaspersky software over ties to Russia

The Biden administration is set to announce a ban on the sale of Kaspersky Lab's antivirus software in...

Security bug may allow anyone to spoof Microsoft employee emails

A security researcher claims to have discovered a bug that enables anyone to impersonate Microsoft corporate email accounts,...

Cyber Security Today, June 19, 2024 – How an attacker hid on an IT network for three years

How an attacker hid on an IT network for three years Welcome to Cyber Security Today. It's Wednesday June...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways