·Hotel owners who have joined have estimated that the average loss caused by a cyber attack is between $30,000 and $75,000, and IHG has about 6,000 hotels worldwide;
·Hotel owners want compensation and details of the incident, and have filed a class action lawsuit against InterContinental Hotels Group.
The recent cyberattack against the InterContinental Hotels Group has impacted the business of franchisees, leading to angry customers, lost revenue and even a potential class-action lawsuit.
Cyberattack causes severe disruption to booking system
On September 6, InterContinental Hotels Group said it detected unauthorized activity in its technology systems, causing significant disruptions to reservations and other systems. Data protection has been taken measures recently.
Hotel owners received an email from IHG executives explaining that the attack would shut down the online booking system. As IHG did not share any details of the data breach sparked by the hack, hotel owners as its franchise partner were simply unable to deal with the outbursts of anger and frustration from customers.
Laura Lee Blake, president and CEO of the Asian American Hotel Owners Association, which represents about 20,000 hotel owners across the U.S., said, “They should at least share a little bit of information, or hotel owners will be left in the dark for days on end, not knowing how to make ends meet. What's wrong with the operating system?"
The cyber attack may have affected IHG's supply chain, customers and numerous franchisees. According to the official website of InterContinental Hotels Group, the group has 17 hotel brands and 6,000 hotels around the world. Just last year, a ransomware attack against US software company Kaseya also spread to customers in multiple countries.
An InterContinental Hotels & Resorts spokesperson said, “We have not found evidence of unauthorized access to guest data. We remain focused on supporting our hotels and owners and will regularly update owners and hotel management teams during the incident. Information." IHG's well-known hotel brands include Holiday Inn, Staybridge Suites and InterContinental.
Hotel owners suffer heavy losses, have filed a class-action claim
Hotel owners say they have been overwhelmed by angry customers whose bookings have failed due to cyberattacks. Ms. Blake also revealed that members of the Asian American Hotel Owners Association responded to an investigation into the attack. The owners, who each own two to five hotels, estimated the average cost of the attack to be between $30,000 and $75,000, based on metrics such as bookings in recent weeks, bookings from the same period last year, and bookings from competitors. Fortunately, the technical system has now resumed operation.
"The hotel owners want to be compensated for this because the cyber attack was not their fault," Blake said.
Vimal Patel, president and CEO of QHotels Management, the owner of a Holiday Inn in Louisiana, said they encountered an emotional customer who asked the hotel to explain how to handle a guest's credit card.
Caber attacks are not curable in a single day. To avoid harm from cyberattacks, a long-term commitment to data security is required. Long-term data backup is necessary for good data security. Traditional data backup solutions are becoming more unsuitable for meeting corporate objectives as modern businesses and the volume of firm data grow. As a result, many businesses will choose for virtual computers to backup their data, such as VMware Backup or Hyper-V Backup.
On September 15, Patel and several other hotel owners filed a class-action lawsuit against IHG in Atlanta District Court.
"When we're not being hacked, we need to worry about our financial stability at all times," Patel said.
The suit alleges that IHG's franchisees have been paying monthly fees to use the reservation technology offered by the group.
In addition to demanding compensation for franchisees, Patel also wants IHG to explain what data was exposed by the cyberattack and why the accident happened. He believes that IHG's executives should be held responsible for the poor state of cybersecurity.
Hotel chains are popular targets for cyberattacks
Hotel chains are popular targets for malicious hackers, and they contain large amounts of customer personal and financial information. In recent years, Marriott has encountered a number of violations. In 2016, InterContinental Hotels Group agreed to pay more than $1.5 million in a related class action lawsuit in 2020 after a cyberattack led to the breach of customer credit card data.
Allie Mellen, a senior analyst at research firm Forrester, said that in addition to the immediate technical issues, franchisees could face other consequences from cyberattacks. For example, when applying for online insurance, the service provider will charge them a higher premium. The laws of many jurisdictions also have provisions that require hacked businesses to notify regulators and affected individuals when they discover a personal data breach.
But Ms Blake admits that most companies are often reluctant to disclose the details of a cyber attack, especially if their existing security measures are inadequate. But withholding important details can also damage customer trust, "which is very harmful to the business side."
She concluded in the end, "There are always people hiding their ears and thinking that as long as they don't take the initiative to take responsibility, others will not know how bad the situation is."