In this article, let’s review three cyber security stories on hotel chains. Each story reveals cyber security patterns, a blueprint for basic cyber security, and the downfalls when security is not a priority. Here are the cyber scandals of hotel chains in 2022.
In 2022, the hotel chain, Marriott, got breached for the third time in the last five years. Luckily, this time, “only” 20 GB of data was stolen.
Up to 400 customers and employees will be notified that their information might be compromised.
A good portion of what was stolen was internal documentation. The hacker criminals have yet to identify themselves. The hotel chain notified law enforcement. (CyberScoop)
We have a thesis that organizations that get breached are more likely to get breached a second time.
We’re not sure if it’s because they never fully secure their enterprise or if more hackers are trying to steal from them and so, eventually one of them gets in.
This is a pattern we are seeing with Marriott Hotels and large companies like Uber – also breached three times.
Our co-founder at Assurance IT asked his LinkedIn audience if they would continue working with a vendor after they got breached. 33% of them said yes and 47% said they were unsure.
That is 80% of people saying they may work with a company even after they get breached. That’s good for the companies. However, if this becomes a proven pattern, end-users will continue to lose their personal data.
And we know that people do value their personal data from another LinkedIn poll from our co-founder, where 81% of voters confirmed that companies should be held more accountable if they lose personal data.
The Intercontinental Hotels Group (IHG) confirmed they were the victim of a cyberattack.
The company manages some of the most popular hotel chains like Holiday Inn, Crowne Plaza and Regent hotels. Their booking channels and other applications were not working and customers took notice.
One customer tweeted, “What is going on with your system? For at least 19hrs. Phones and apps not working- afraid to book anything. No customer service at all.”
Another customer tweeted, “@HolidayInn is my reservation gone? Or is there a problem with the system? I need help.”
It was not confirmed if data was stolen, but operations seem to have taken a hit. In addition, this isn’t the first cyber breach the hotel chain has experienced.
Back in 2017, 1200 of their franchised hotels in the US were affected. (BBC)
The story doesn’t stop there. At the time of writing this article, it was revealed that a couple from Vietnam was behind the attack.
When they realized they wouldn’t get a ransom payout, the hackers deleted large amounts of data for fun.
"Our attack was originally planned to be a ransomware but the company's IT team kept isolating servers before we had a chance to deploy it, so we thought to have some funny [sic]. We did a wiper attack instead," one of the hackers said.
"We don't feel guilty, really. We prefer to have a legal job here in Vietnam but the wage is average $300 per month. I'm sure our hack won't hurt the company a lot." (BBC)
That’s not the crazy part. The couple described how they hacked IHG – a hotel chain that operates 6000 hotels around the world.
Here is how TeaPea (the hackers gave themselves this name) did it:
No client records were stolen; they just deleted corporate information.
This is IHG’s second time getting breached. We’re not going to review the first cyber attack, but the second cyber attack seems like it could have been avoided with simple cyber security measures. Let’s review the three steps TeaPea took to breach their systems.
First, the risk of an employee downloading malicious software can be mitigated with employee training.
If you’re interested, we are partners with a great company that releases updated and effective training for employees on a monthly basis. Their packages are affordable and you mitigate the risk of random couples trying to trick your employees into clicking suspicious links.
Second, two-factor authentication is good but continuous authentication is better. We are partners with Plurilock, an advanced continuous authentication system that doesn’t even require your employees to “enter the code from their phone.”
It happens seamlessly in the background. The innovative solution is trusted by the U.S. Military. Book a call with us here to get a demo. Don’t settle for two-factor authentication when continuous authentication exists at a reasonable price.
Third, password management requires restricted access and strong passwords. The password “Qwerty1234” is as strong as “Password1234.” It is shocking to find out that a huge enterprise like IHG let that password slide and that all passwords were available to everyone in the organization. I am sure someone is getting fired for that.
If we learned anything from this story, it is that the simple things in cyber security go a long way.
Forget all the bells and whistles. Focus on employee training, proper password management and continuous authentication, and you avoid being embarrassed like IHG.
A cyber security researcher was at a hotel in Qatar when he unexpectedly discovered a technical vulnerability exposing private information of hundreds of hotels and millions of guests worldwide.
The information included 629 hotels across 40 countries in the Middle East and North Africa. Unfortunately, this danger goes beyond the personal information of the hotels and guests.
“It is not just guests’ personal information that is at risk. Mohsin said a hacker could use the vulnerability to access the guests’ computer and mobile devices, as well as the hotel’s security footage, ventilation systems, and electronic door locks.” (Aljazeera)
Unlike in the IHG case, this researcher did not take advantage of the vulnerability in this hotel chain. Technically this wasn’t a cyber breach, but had a malicious actor found it, this hotel chain would have been in a similar situation to IHG.
We can’t put blame on anyone who gets attacked because the criminals should not be hacking in the first place. However, as cyber security becomes a bigger issue, private companies have no excuse to get breached. They are aware of the situation and they have the means to protect themselves.
Just like they have locks on their office buildings, they need to apply the same to their virtual systems.