Centara Hotels and Resorts, the luxury chain in Thailand, confirmed a data breach this month at the hands of the infamous hacking group Desorden Group. The CEO, Thirayuth Chirathivat, said the hack was detected on October 14 and an investigation confirmed that guest details had been compromised.
Names and ID photos, booking information, email addresses, phone numbers and home addresses have all been exposed, with fears that the ID photos could be of passports, as hotels often ask for a copy at check-in. Centara’s CEO confirmed that the leak has been contained and the data breach secured. The extent and cause of the breach are still under investigation.
Guests of the Centara chain are urged to change their passwords and keep an eye out for any suspicious phishing emails or phone calls that may take advantage of the data to try to gather more personal information. Thirayuth confirmed that the hotel staff will not be directly contacting any customers requesting personal information, so any such contact is fraudulent.
Desorden Group claimed responsibility for the Centara data breach after recently attacking laptop brand Acer twice, and they claim to have also breached the servers of Centara’s parent company, Central Group, which owns more than 2,000 restaurants and hotels in Thailand. The Chirathivat family, which controls the group, maintains restaurants, hotels, properties, fashion companies and building materials and is worth US $11.6 billion.
The hacker group claims to have compromised 80 gigabytes of personal information of customers as well as business details of the Central Group’s restaurants. Desorden Group told ZDNet that over 10 days they compromised 5 servers with a total of 400 GB of files and collected data from everyone who stayed at any of the 70 hotels in the Centara chain from 2003 until now. They say the data includes passport and ID numbers as well as employee data and corporate information.
Desorden Group says they were merely exposing the security weaknesses at Centara and Central Group and that they were the ones who alerted the company to the breach. But other sources claim the group is attempting to negotiate a US $900,000 ransom payment, with the information to be leaked if it is not paid.