Hacker Group Desorden Breaches Central Retail Corporation

Updated: 2 November 2021
Updated: 2 November 2021

Fact-checked by

Today the hacker group Desorden announced yet another breach against one of Central Group’s subsidiaries. This time the hackers breached Central Retail Corporation.

Central Retail Corporation is a corporation listed on Thailand’s Stock Exchange that operates supermarkets, convenience stores, shopping malls, department stores, and consumer goods under a range of popular brands.

Central Retail Corporation is part of Central Group which is a conglomerate owned by one of the richest families in Thailand.

This is now the third attack carried out by the hackers against Central Group.

Today the hackers have announced that they managed to breach Central Retail Corporation servers and have obtained databases with information such as billing system data and sensitive information of over 68,500 vendors.

Desorden Central Relatil Corporation Hack

New Breach in Retaliation of Cenrtal Group Breaking an Agreement

Desorden explained via email to Privacy Affairs that this latest attack was in retaliation to Central Group breaking their agreement to pay a ransom of $900,000 demanded after an earlier breach.

The hackers claim that earlier this month Central Group management agreed to pay a ransom of $900,000 in order for the hackers to help Central patch critical vulnerabilities.

Desorden claims that on the day of payment Central Group rescinded the alleged deal and refused payment.

Two days ago both Central Group and Desorden announced that Desorden breached Central’s hotel division, ‘Centara Hotel Group’.

Central Group, however, seriously downplayed the severity of this breach, something that prompted the hackers to release a batch of stolen data that revealed sensitive information on hotel guests and hotel financials.

Central Group has so far not commented on the alleged ransom demand and deal.

Who Are Desorden?

Desorden appears to be a new hacker group that gained prominence in fall 2021 after a string of high profile data breaches.

In September and October 2021 Desorden carried out a string of attacks against targets such as Acer Taiwan, Acer India, SkyNet.com.my Malaysia Logistics, ProTempts and ABX Express Enterprise.

The hackers explained that their attacks are financially motivated and target supply chains and bigger companies.

Currently, this is all that is publicly known about this new hacker group.

Written by: Miklos Zoltan

Connect with the author:

Founder & CEO Privacy Affairs

Miklos Zoltan is the founder and CEO of Privacy Affairs. Miklos has long-time experience in cybersecurity and data privacy having worked with international teams for more than 10 years in projects involving penetration testing, network security and cryptography.

Miklos founded Privacy Affairs in 2018 to provide cybersecurity and data privacy education to regular audiences by translating tech-heavy and "geeky" topics into easy-to-understand guides and tutorials.

Leave a Reply

Your email address will not be published.