Hackers Breach Thailand's Central Restaurants Group

By Miklos Zoltan . 8 August 2022

Founder - Privacy Affairs

2 Comments

The hacker group Desorden announced today that it had breached Thailand’s Central Restaurants Group’s servers, releasing more than 80GB of data.

Central Restaurants Group is a Thai restaurant chain with over 2,000 restaurants under its management and 12 brands, including KFC, Mister Donut, and Pepper Lunch.

Privacy Affairs was today contacted by the hacker group known as Desorden, who revealed that they have recently hacked one of Thailand’s biggest restaurant chains, Central Restaurants Group.

The hackers have stolen over 80 GB of files and databases from the restaurant chain’s network. This data includes sensitive customer information such as the name, date of birth, phone number, email, and ID number of affected individuals.

The stolen data also includes sensitive corporate information such as membership records, financial records, and records of daily transactions across more than 2,000 individual restaurants.

Leaked customer information appears to have last been updated on October 2021.

Information related to corporate financial details appears to be as recent as 26 October 2021, indicating that at least parts of the alleged hack took place even today.

The leaked data was also posted on a popular dark web hacker forum.

Privacy Affairs managed to review the leaked files, and we determined that the hack was genuine.

We have reached out to Thailand’s Central Restaurants Group, notifying them about the data breach and asking them for comments.

A String og High-Profile Hacks

Desorden is a hacker group that first came to be known in September 2021 after it managed to hack the servers of the Malaysian division of ABX Express Enterprise and later SkyNet.com.my Malaysia Logistics.

This was followed by the hacks against Acer India and Acer Taiwan – stories first broken here on Privacy Affairs.

In an email to Privacy Affairs on October 18, Desorden commented that they “mainly target supply chain and bigger companies” and that their attacks are financially motivated.

At present, not all of the 80 GB data was released, but Desorden commented on a hacker forum that more leaks are to come shortly.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Founder & CEO Privacy Affairs

Miklos Zoltan is the founder and CEO of Privacy Affairs. Miklos has long-time experience in cybersecurity and data privacy having worked with international teams for more than 10 years in projects involving penetration testing, network security and cryptography.

Miklos founded Privacy Affairs in 2018 to provide cybersecurity and data privacy education to regular audiences by translating tech-heavy and "geeky" topics into easy-to-understand guides and tutorials.

Miklos Zoltan

2 Comments

Anonymous

October 27, 2021 2:58 pm

Do we know where are désorden originated ?
- Miklos Zoltan
  
  October 27, 2021 3:02 pm
  
  No. Naturally they won’t release this information or comment on this when asked. Usually they are active on hacker forums and are also known to contact journalists when they announce a hack.

Cookie	Duration	Description
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	1 year	The GDPR Cookie Consent plugin sets the cookie to store whether or not the user has consented to use cookies. It does not store any personal data.
wpEmojiSettingsSupports	session	WordPress sets this cookie when a user interacts with emojis on a WordPress site. It helps determine if the user's browser can display emojis properly.

Cookie	Duration	Description
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gat_UA-*	1 minute	Google Analytics sets this cookie for user behaviour tracking.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
_omappvp	1 year 1 month 4 days	The _omappvp cookie is set to distinguish new and returning users and is used in conjunction with _omappvs cookie.
_omappvs	20 minutes	The _omappvs cookie, used in conjunction with the _omappvp cookies, is used to determine if the visitor has visited the website before, or if it is a new visitor.

Hackers Breach Thailand’s Central Restaurants Group, Hack Affects Over 2,000 Restaurants

A String og High-Profile Hacks

Our Mission

Miklos Zoltan

2 Comments

Leave a Comment Cancel