Just a few days after a cyberattack committed by a group of hackers towards the Holiday Inn hotel group was confirmed, the consortium itself announced that unauthorized access to its systems was made, later the alleged group of hackers contacted the BBC to tell their version of the story, in which, they stressed that a password classified as “weak” was used.
Qwerty1234 was the key that was used in Holiday Inn’s reservation and check-in systems, although it should be noted that the hackers themselves detailed that the easy-to-crack password was not a factor for them to perform the act, but chose to implement ransomware methods, data deletion, among other illegal tactics.
Those allegedly responsible would be from Asia, particularly in Vietnam, where they are known as TeaPea. The hackers would work as a couple and contacted the media to tell their way of violating the system of one of the largest hotel chains worldwide, while making it clear that the attack was done for fun. They also pointed out that the company’s defensive tactics took effect and were removed from the server, but not before deleting a database.
As in many of these stories, an employee had an important factor, he was tricked via email into downloading malicious software via an attachment. Initially, the hackers wanted to hijack data from the hotel consortium, however, not being able to do so by the defense systems, they chose to delete content.
To confirm that the hackers were telling the truth, the BBC was able to obtain screenshots where the existence of internal emails, Microsoft Teams chats and even directories of the company’s servers were verified. TeaPea claimed not to have stolen any customer data.
As of the 2020 cutoff, password manager NordPass reported that the most common key globally was “123456” with up to 2 million people using it. In addition, the list included “123456789”, “picture1”, “password”, as well as some particular ones such as “qwerty”, “iloveyou”, “pokemon”, “samsung” or “naruto” to mention some within the top 200.