Hackers Breach Thailand’s Central Restaurants Group, Hack Affects Over 2,000 Restaurants

Updated: 27 October 2021
Updated: 27 October 2021

Fact-checked by

The hacker group Desorden announced today that it had breached Thailand’s Central Restaurants Group’s servers releasing more than 80GB of data.

Central Restaurants Group is a Thai restaurant chain with over 2,000 restaurants under its management and 12 brands including KFC, Mister Donut and Pepper Lunch.

Privacy Affairs was today contacted by the hacker group known as Desorden who revealed that they have recently hacked one of Thailand’s biggest restaurant chains, Central Restaurants Group.

The hackers appear to have stolen over 80 GB of files and databases from the restaurant chain’s network. This data includes sensitive customer information such as name, date of birth, phone number, email and ID number of affected individuals.

The stolen data also includes sensitive corporate information such as membership records, financial records and records of daily transactions across more than 2,000 individual restaurants.

Desorden Thailand Hack

Leaked customer information appears to have last been updated on October 2021.

Information related to corporate financial details appears to be as recent as 26 October 2021, indicating that at least parts of the alleged hack took place even today.

The leaked data was also posted on a popular hacker forum.

Desorden Thailand Hack

Privacy Affairs managed to review the leaked files and we determined that the hack is genuine.

We have reached out to Thailand’s Central Restaurants Group notifying them about the data breach and asking them for comments.

A String og High-Profile Hacks

Desorden is a hacker group that first came to be known in September 2021 after it managed to hack the servers of Malaysian division of ABX Express Enterprise and later SkyNet.com.my Malaysia Logistics.

This was followed by the hacks against Acer India and Acer Taiwan – stories first broken here on Privacy Affairs.

In an email to Privacy Affairs on October 18, Desorden commented that they “mainly target supply chain and bigger companies” and that their attacks are financially motivated.

At present, not all of the 80 GB data was released but Desorden commented on a hacker forum that more leaks are to come in the near future.

Written by: Miklos Zoltan

Connect with the author:

Founder & CEO Privacy Affairs

Miklos Zoltan is the founder and CEO of Privacy Affairs. Miklos has long-time experience in cybersecurity and data privacy having worked with international teams for more than 10 years in projects involving penetration testing, network security and cryptography.

Miklos founded Privacy Affairs in 2018 to provide cybersecurity and data privacy education to regular audiences by translating tech-heavy and "geeky" topics into easy-to-understand guides and tutorials.

2 thoughts on “Hackers Breach Thailand’s Central Restaurants Group, Hack Affects Over 2,000 Restaurants”

  1. Anonymous says:

    Do we know where are désorden originated ?

    1. Miklos Zoltan says:

      No. Naturally they won’t release this information or comment on this when asked. Usually they are active on hacker forums and are also known to contact journalists when they announce a hack.

Leave a Reply

Your email address will not be published.