Posted on 09/18/2022 8:08:45 PM PDT by BenLurkin
The hacker group from Vietnam called TeaPea contacted BBC and shared information about the hack with the British broadcaster.
"Our attack was originally planned to be a ransomware but the company’s IT team kept isolating servers before we had a chance to deploy it, so we thought to have some funny [sic]. We did a wiper attack instead,” one of the hackers said.
A wiper attack is a form of cyber-attack that irreversibly destroys data, documents and files.
The internal database was using Qwerty1234 as its password:
TeaPea say they gained access to IHG’s internal IT network by tricking an employee into downloading a malicious piece of software through a booby-trapped email attachment.
“The username and password to the vault was available to all employees, so 200,000 staff could see. And the password was extremely weak,” they told the BBC.
Surprisingly, the password was Qwerty1234, which regularly appears on lists of most commonly used passwords worldwide.
(Excerpt) Read more at loyaltylobby.com ...
They stole my password!
My password is “password”.
People say no one is stupid enough to use that for their password.
But they’re wrong about that. 🤨
I always use strongpassword and haven’t been hacked yet.
I use my ship and hull number on some sites
I use name of my dog who died 18 years ago.
IHG Intercontinental Hotels Group
IHG In His Grip (Christianity)
IHG International Holdings Group (Dubai, United Arab Emirates)
IHG Iris Hypoplasia with Glaucoma
IHG International Hockey Gang (sports forum)
IHG Incident Handling Guide (security)
Beat me to the punch!
Anyone who would use that as a password is a COMPLETE imbecile. Hard to feel much sympathy for them.
From Tom’s Hardware:
2022:
123456
123456789
qwerty
password
12345
12345678
111111
1234567
123123
qwerty123
1q2w3e
1234567890
DEFAULT
000000
abc123
654321
123321
qwertyuiop
Iloveyou
666666
Let’s just say that none of these top 20 (and there are lots more) should ever be used - even with a ‘!’ at the end.
LOL 😅
Yep, it’s the parent for Holiday Inn.
My account was hacked years ago, when someone used 300,000 of my points to book a week in Tokyo.
No two factor authentication available back then.
I can’t imagine what a week in Tokyo costs nowadays, what with the massive point deflation.
And I'm still angry about someone using my restaurant points to order a couple baskets of wings.
When we will need 2FA to secure our Chili’s or BWW accounts, you know that things have gotten out of hand.
But $tr0nGp@$sw3rd would be ok.
That is a pass phrase. I always use passphrases with character and number substitutions. After a few uses, you can recall the substitutions.
I learned in 1995 from Leo Laporte, the Tech Guy, to always use a password manager and to never learn one’s passwords.
They should have used a stronger password and then pasted it on 200,000 sticky notes stuck to the undersides of keyboards
I use a friend’s old landline number from the eighties. Dialed it a million times, so it’s a physical memory.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.