AAHOA demands answers from IHG after ransomware attack

Two weeks ago, parts of InterContinental Hotels & Resorts' technology systems were “subject to unauthorized activity” as part of a reported ransomware attack, causing disruptions to its booking channels and other applications. 

AAHOA has released a statement about the effects of the attack, noting that hotel franchisees—“including many AAHOA members”—across the country reported a complete shutdown in guestroom bookings during this outage. Many of these franchisees, the group noted, are small business owners “who can ill afford to write off unexpected losses in bookings,” especially given the losses caused by the COVID-19 pandemic.

The association’s leadership is now calling for "an explanation" and a way for owners to recoup their losses due to the outage. “IHG owes its franchisees transparency,” AAHOA President and CEO Laura Lee Blake said in a statement. “IHG has not been forthcoming in explaining the outage to AAHOA-member hotel owners, who bore the brunt of revenue losses from bookings missed due to the disruptions. As the world’s largest hotel trade association, we speak for thousands of small business owners who deserve an explanation, as well as being made whole for these preventable losses.”

AAHOA members, the statement continued, are “rightly concerned” about the privacy of guests’ financial and personal data: “To maintain the trust and confidence of its current and future customers, and that of its franchisee community, IHG must shore up its booking systems to prevent future data security breaches and provide more transparency into what happened and how IHG plans to move forward.”

In response to AAHOA’s statement, an IHG spokesperson told Hotel Management that the company had “prioritized” the recovery of its booking channels and revenue-generating systems and was able to get those back up and running in a short period of time. “Our security measures following the unauthorized activity in our technology systems are continuing,” the spokesperson said. “We are working closely with our technology suppliers and external specialists have also been engaged to investigate the incident. At this time, we have not identified any evidence of unauthorized access to guest data. We remain focused on supporting our hotels and owners.”