Hotel chains are often targets for cyberattacks due to the data they hold, says Coalition’s head of insurance 

Holiday Inn – a subsidiary of InterContinental Hotels Group (IHG) – reported last week (5 September) that it had been hit by a cyber-attack resulting in a two-day bookings outage.

Joshua Motta_Coalition blue shirt

Read more… Joshua Motta: The MGA hitting the UK with ‘reinvented’ cyber security insurance

Not subscribed? Become a subscriber and access our premium content

Explore more cyber content here

IHG’s booking channels and other applications were significantly disrupted.

The hotel chain, which owns 6,028 hotels globally, said it was investigating “unauthorised access” and had implemented its response plans, having begun the process of notifying relevant regulatory authorities.

In a statement posted on the hotel chain’s website, it said: “We will be supporting hotel owners and operators as part of our response to the ongoing service disruption.

“IHG’s hotels are still in operation and are able to take reservations directly.”

Tom Draper, head of insurance at cyber insurance and security MGA Coalition, told Insurance Times: “[Hotel groups] are very large and complex organisations.

”[IHG] is not simply a monolithic corporate entity – they have 6,028 hotels.

“It’s not that cybercriminals are targeting this group, but more that this group is exhibiting a vulnerability.”

IHG is now working closely with its technology suppliers and external specialists have also been engaged to investigate the incident.

The hotel group is working to fully restore all systems as soon as possible and to assess the nature, extent and impact of the incident.

IHG said it would provide a further update as and when appropriate.

Where the data is 

When asked why cybercriminals go after hotel chains, Draper responded: ”It’s where the data is.”

He explained that the focus for cybercriminals when targeting a hotel group is economic value – restricting access to data and demanding a ransom could provide hackers with a substantial payday.

In Coalition’s mid-year 2022 Cyber Claims update – published on 14 September – the MGA said that average ransomware demands had declined from $1.37m (£1.18m) in the first half of 2021 to $896k (£772k) in the same half of 2022.

Read: Could the Marriott cyber attack have been prevented?

Explore more news content here

Another hotel chain – the Marriott Hotel group – has suffered several data breaches. 

Hackers hit the hotel in 2014, accessing 340 million guest records worldwide. This breach went undetected until September 2018 and led to the UK Information Commissioner’s Office fining the group £14.4m when it was discovered. 

Topics