Joe Tidy is a cyber journalist.

Holiday Inn logo and signImage source, Getty Images

The Holiday Inn owner was the target of a destructive cyber- attack.

They claim to be a couple from Vietnam and first tried a ransomware attack and then deleted large amounts of data when they were stopped.

They were able to gain access to the firm's databases thanks to a weak password.

The case shows the side of criminal hackers that is not always good.

The Holiday Inn, Crowne Plaza and Regent brands are some of the 6,000 hotels owned by I hg.

Customers reported problems with booking and check-in.

The company said that they were undergoing system maintenance for 24 hours.

It told investors that it had been hacked.

Booking channels and other applications have been disrupted.

The hackers, calling themselves TeaPea, contacted the BBC and provided evidence that they had carried out the hack.

The company's internal Outlook emails, Microsoft Teams chats and server directories can be seen in the images.

The company's IT team kept isolating server before we had a chance to deploy it, so we thought to have a joke about it. One of the hackers said they attacked instead.

A cyber- attack that irreversibly destroys data, documents and files is called a "Wrist Attack".

Trader on a bicycle with wares protected against the rainImage source, Getty Images
Image caption, The average wage in Vietnam is about $300 (£270) per month

Rik Ferguson, vice-president of security at Forescout, said that even though the company's IT team initially found a way to fend them off, they were still able to damage the company.

He said that the change of tactic seemed to be born out of frustration. They lashed out because they couldn't make money, and that's a betrayal of the fact that we're not talking about professional criminals here.

Customer-facing systems are returning to normal, but services may not be available all the time.

The company and its customers have been disrupted by the hacker.

We don't think we're guilty. The average wage in Vietnam is $300 a month. I'm confident that our hack won't hurt the company.

Corporate data, including email records, is one of the things the hackers have.

Media caption,

How does it work, and what is it called?

TeaPea say they gained access to IHG's internal IT network by tricking an employee into download a malicious piece of software.

They had to get rid of the security prompt message that was sent to the worker's devices.

English computer keyboardImage source, Getty Images
Image caption, Qwerty1234 is a popular password because it comprises the first five letters and the first four numbers of an English keyboard

The criminals accessed the most sensitive parts of the company's computer system after they found login details for the company's password vault.

All employees had access to the vault's password and usernames. The password was very weak according to them.

Qwerty1234 is one of the most commonly used passwords around the world.

"Sensitive data should only be available to employees who need access to that data to do their job, and they should have the minimum level of access needed to use that data," said Mr Ferguson after seeing theScreenshot

If a password is left exposed, it is just as vulnerable as a simple password.

The password vault details were not secure, but the attacker had to evade multiple layers of security, but the spokeswoman wouldn't give details.

She said that Ihg uses a defence-in-depth strategy to information security.