Hacker pair delete hotel group’s database ‘for fun’
Destructive cyber attack due to weak code
The UK-based IHG Group operates 6,000 hotels worldwide, including Holiday Inn, Crowne Plaza and Regent. Last week, the customer service department was inundated with complaints from customers who were experiencing problems with room reservations and check-ins. IHG responded by saying that the systems were under maintenance, but the next day it revealed to its investors that it had been hacked.
The people responsible were a couple of hackers from Vietnam, who contacted the BBC providing evidence that they were behind the hack, even stating that they did it ” for fun “.
Our attack was originally designed as a ransomware attack, but the company’s IT team isolated the servers before we could deploy it. So, we thought we’d have some fun with it and performed a deletion attack.
The pair, nicknamed TeaPea, managed to access the group’s database by guessing the weak code, which was QWERTY1234. Thus, they had access to internal Outlook emails, Microsoft Teams chat and server folders. They stressed to the BBC that they did not steal customer data, but they do have executive data. Access was gained by tricking an IT employee into downloading malware through an email attachment.
We have no guilt. Of course we prefer to have a legal job here in Vietnam, but the salary is $300 per month. We are sure that our hack did not harm the company too much.
It should be noted that the code QWERTY1234 often appears in lists of the worst passwords that someone can enter. IHG says its systems are back to normal, but it is still experiencing problems with some services.