IHG said parts of its technology systems had been subject to "unauthorised activity", causing significant disruption to its booking channels and other applications.
The disruption began on Monday (5 September), said IHG, and was ongoing as of its statement issued at 3.45pm on Tuesday.
"IHG has implemented its response plans, is notifying relevant regulatory authorities and is working closely with its technology suppliers. External specialists have also been engaged to investigate the incident," read the group’s statement."
The statement continued: "IHG is working to fully restore all systems as soon as possible and to assess the nature, extent and impact of the incident. We will be supporting hotel owners and operators as part of our response to the ongoing service disruption. IHG’s hotels are still able to operate and to take reservations directly. A further update will be provided as and when appropriate."
IHG did not disclose whether any sensitive, private or personal data had been compromised. If it is found to have failed to prevent any such data being accessed, it could face a substantial fine.
Marriott International was eventually fined £18.4 million by the Information Commissioner’s Office following a 2014 cyber attack on Starwood Hotels and Resorts’ systems which wasn’t discovered for four years, eventually coming to light in 2018 following Marriott’s acquisition of the brand in 2016.
