Cyberattack disrupts bookings for IHG hotels

The online system has been down since Monday.

Matthew Childs / reuters

For the past three days, one of the largest hospitality companies in the world hasn’t been able to accept online bookings due to a cyberattack. On Tuesday, the InterContinental Hotels Group disclosed that “unauthorized activity” had left its IT systems “significantly disrupted” since the end of the Labor Day weekend. IHG operates 6,028 hotels across more than 100 countries, with some of the company’s more recognizable brands including Holiday Inn, Crowne Plaza and Regent.

When Engadget went to book a local InterContinental in Toronto on Wednesday morning, clicking “Check Availability” or “Book Now” produced a pop-up window prompting us to call or email the hotel to make a reservation. “IHG is working to fully restore all systems as soon as possible and to assess the nature, extent and impact of the incident,” the company said in a statement, providing few other details about what had happened. It says it's working with external experts and regulatory authorities to investigate the cyberattack.

Bleeping Computer suggests the disruption may be the result of a ransomware attack. In 2017, IHG found that over 1,000 of its US hotels had been infected by malware designed to steal credit card information. More recently, the Lockbit ransomware gang claimed last month it had stolen data from the Holiday Inn Istanbul Kadıköy.