Joe Tidy is a cyber journalist.
The Holiday Inn owner was the target of a destructive cyber- attack.
They claim to be a couple from Vietnam and first tried a ransomware attack and then deleted large amounts of data when they were stopped.
They were able to gain access to the firm's databases thanks to a weak password.
The case shows the side of criminal hackers that is not always good.
The Holiday Inn, Crowne Plaza and Regent brands are some of the 6,000 hotels owned by I hg.
Customers reported problems with booking and check-in.
The company said that they were undergoing system maintenance for 24 hours.
It told investors that it had been hacked.
Booking channels and other applications have been disrupted.
The hackers, calling themselves TeaPea, contacted the BBC and provided evidence that they had carried out the hack.
The company's internal Outlook emails, Microsoft Teams chats and server directories can be seen in the images.
The company's IT team kept isolating server before we had a chance to deploy it, so we thought to have a joke about it. One of the hackers said they attacked instead.
A cyber- attack that irreversibly destroys data, documents and files is called a "Wrist Attack".
Rik Ferguson, vice-president of security at Forescout, said that even though the company's IT team initially found a way to fend them off, they were still able to damage the company.
He said that the change of tactic seemed to be born out of frustration. They lashed out because they couldn't make money, and that's a betrayal of the fact that we're not talking about professional criminals here.
Customer-facing systems are returning to normal, but services may not be available all the time.
The company and its customers have been disrupted by the hacker.
We don't think we're guilty. The average wage in Vietnam is $300 a month. I'm confident that our hack won't hurt the company.
Corporate data, including email records, is one of the things the hackers have.
TeaPea say they gained access to IHG's internal IT network by tricking an employee into download a malicious piece of software.
They had to get rid of the security prompt message that was sent to the worker's devices.
The criminals accessed the most sensitive parts of the company's computer system after they found login details for the company's password vault.
All employees had access to the vault's password and usernames. The password was very weak according to them.
Qwerty1234 is one of the most commonly used passwords around the world.
"Sensitive data should only be available to employees who need access to that data to do their job, and they should have the minimum level of access needed to use that data," said Mr Ferguson after seeing theScreenshot
If a password is left exposed, it is just as vulnerable as a simple password.
The password vault details were not secure, but the attacker had to evade multiple layers of security, but the spokeswoman wouldn't give details.
She said that Ihg uses a defence-in-depth strategy to information security.