Parts of InterContinental Hotels Group’s technology systems were breached on Monday, the hotel company announced and confirmed in a filing to the London Stock Exchange.
The “unauthorized activity” followed scheduled maintenance of IHG’s app and website Sunday night, according to the release. “IHG is working to fully restore all systems as soon as possible and to assess the nature, extent and impact of the incident.”
Experts suggested the attack could be ransomware-related, according to DataBreaches.net.
While it remains unclear what type of data was stolen, the breach appears to have been limited to IHG’s homepage and app. Nevertheless, it has negatively impacted individual bookings and loyalty account-holder information across IHG’s 17-brand portfolio, including Crowne Plaza, Holiday Inn, InterContinental, Kimpton and others.
A message to customers on the Holiday Inn website earlier this week said, “At this time, you may have challenges booking a new reservation, accessing information about your upcoming reservations and accessing your IHG One Rewards account.” At press time, the message appears to have been removed.
This latest data breach is not IHG’s first, and shortly follows Marriott International’s third—and most recent—incident in four years, adding to an already-notable uptick in fraudulent online activity within the lodging industry.
IHG also noted authorities are investigating the breach. The company said it would share more information once “appropriate” and would support hotel owners and operators during the service disruption. The company emphasized that IHG’s hotels are still able to operate and to take reservations directly via telephone.