IHG: Tech breach didn't access guest data

Nearly a month after parts of InterContinental Hotels Group's technology systems were “subject to unauthorized activity” as part of a reported ransomware attack, IHG has issued an update about the incident and its aftermath.

On Sept. 6, the company reported that parts of its technology systems had been “subject to unauthorized activity” that “significantly disrupted” its booking channels and other applications. By the following day, IHG said it had reactivated its booking websites and mobile app together with most of its other booking channels and revenue-generating systems. “Subsequently, service at our reservation and customer care call [centers] has been recovered and all our systems restored,” the company said in its statement. “During the disruption in our central systems, IHG-branded hotels continued to operate and were able to take reservations directly.”

This contradicts a mid-September complaint from AAHOA, which claimed that IHG franchisees reported a “complete shutdown” in guestroom bookings during this outage. The association’s leadership called for "an explanation" and a way for owners to recoup their losses due to the outage. An IHG spokesperson told Hotel Management at the time that the company had “prioritized” the recovery of its booking channels and revenue-generating systems and was able to get those back up and running in a short period of time. 

In its latest update, IHG said that the company was carrying out additional steps to review and "further enhance" its security measures. “External specialists were engaged to investigate the incident, and no evidence of [unauthorized] access to systems storing guest data has been identified. We have also reported the criminal activity to law enforcement. We continue to work closely with our hotels and owners throughout this time.”