Data of Millions of Tourists and Guests Exposed After Hotel Chain Data Breach

Miklos Zoltan

By Miklos Zoltan . 8 August 2022

Founder - Privacy Affairs

The notorious hacker group Desorden announced today that they breached the popular luxury hotel chain ‘Centara’ servers.

The hacker group Desorden revealed today that they have hacked the international hotel chain ‘Centara Hotel Group’ and succeeded in stealing over 400 GB of confidential data.

Centara is owned by the holding company Central Group’, which owns the restaurant group ‘Central Restaurants.’ They were also hit with a hack by Desorden earlier this month.


  • Hacker group Desorden claims to have hacked mega hotel chain Centara
  • Centara acknowledges the security breach but downplays the attack.
  • In response, hackers release data showing the personal details of
    millions of hotel guests.
  • Hackers declare a ransom deal of $900,000 was accepted initially but
    later rescinded by the hotel chain.
  • Exposed data shows the personal information of hotel guests,
    including the sum of money they have spent at the franchise.
  • The leaked data is primarily on Australian and New Zealand citizens,
    including government officials.

Hackers claim that data was released and published because the hotel chain refused to pay a previously accepted ransom payment of $900,000.

Desorden Thai Hotel Hack

Centara confirmed the data breach in a blog post today but downplayed the security and data breach severity.

This hack comes only one day after Desorden revealed it hacked Thailand’s Central Restaurants Group, also owned by the parent company Central Group.

Hackers Dispute Claims Made by Hotel Chain

In an email interview with Privacy Affairs, Desorden revealed that some of the claims made by the hotel group in their blog post are inaccurate.

In their blog post, Centara writes that they engaged a reputable cybersecurity consultant to conduct a thorough investigation immediately after finding out about the breach and that only “general personal data” was affected.

Desorden alleges that they notified Centara and pointed out they still have full access to Centara data. They again hacked into the five affected servers.

Desorden comments that they started negotiations with Centara on 16 October regarding a possible ransom payment.

Desorden further disputes the claims that the breach impacted only a limited section of the Centara network.

The hackers allege that they have “basically brought down their entire backend,” which consists of 5 servers, and that over 10 days, they managed to steal over 400 GB of very sensitive data.

Desorden Thai Hotel Breach

Desorden alleges that this data includes the personal information of several million hotel guests.

In an email to Privacy Affairs, Desorden commented that:

“Basically, anyone who has ever stayed at any of their 70 luxury hotels between 2003 to 2021 has been compromised, and we mean luxury first-class hotel guests”

According to the hackers, the 400 GB of data also includes all the hotel chain’s financial, corporate, and employee data.

Desorden alleges that they “wiped their network of 5 servers in the heist”.

In the email to Privacy Affairs, Desorden further disputes the Centara blog post’s use of the term “general personal data” when referring to the data that was stolen.

The hackers claim that, in actuality, the stolen data includes information such as names, passport numbers, id numbers, phone numbers, email addresses, and check-in/departure times.

Hackers Demand $900,000 Ransom Payment

Desorden alleges that on 26 October 2021, they reached an agreement with the hotel chain to receive a sum of $900,000 not to release the hijacked data. However, the hackers claim that the victim rescinded this deal in the end, and as such, they will be releasing all the data.

The hacker group posted a sample of the stolen data evaluated and authenticated by Privacy Affairs.

The leaked data includes details such as guests’ full names, emails, phone numbers, dates on which they stayed at various Centara-owned hotels, and the total amount of money they spent at the hotel.

This includes names and details of high-profile guests, many of which have spent over $100,000 at various Centara-owned hotels.

Personal details of various government officials – mainly from Australia and New Zealand – who at one point stayed at the hotel were also leaked.

We have reached out to Centara for comment regarding these allegations.

This new leak comes just one day after Desorden announced they managed to breach Central Restaurants Group in Thailand, affecting more than 2,000 restaurants and their clients’ private data.

Most stolen data of this kind ends up being sold on dark web hacker forums.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment