A chain of luxury hotels in Thailand is reporting a data breach thanks to a notorious group of cybercriminals who have been behind a spate of attacks in recent weeks.
Thirayuth Chirathivat, CEO of Centara Hotels & Resorts, said in a statement that he was “made aware” on October 14 of a cyberattack on the hotel chain’s network.
An investigation confirmed that cyber attackers had in fact breached their system and accessed some customers’ data. The data consulted includes names, reservation information, telephone numbers, e-mail addresses, home addresses and photos of identity documents.
The company did not say whether the IDs it viewed included passports, which are often requested by hotels like Centara Hotels & Resorts.
“Although the breach has been successfully contained, the investigation into the source, root cause and full extent of the incident remains ongoing and we will provide more information when available,” Chirathivat said. .
Chirathivat then urged hotel guests to “change their passwords as soon as possible and stay aware of any suspicious or unsolicited calls and / or emails requesting personal information.”
âWe can confirm that Centara Hotels & Resorts will not contact you to ask for personally identifiable information,â Chirathivat added, noting that anyone with questions should email or call the hotel.
The Desorden Group, which claimed responsibility for two recent attacks on laptop maker Acer, said it was behind the attack on Centara Hotels & Resorts.
In addition to the Centara Hotels & Resorts hack, Desorden claimed to have hacked the servers of Central Group, which owns the hotel chain and more than 2,000 restaurants across Thailand. This breach involved 80 GB of files, including personal customer information and business details for each restaurant.
In messages to ZDNet, the group claimed the hotel hack was part of the larger attack on Central Group. Central Group is owned by the $ 11.6 billion Chirathivat family. The family, led by Tos Chirathivat, controls thousands of food, fashion, real estate and building material businesses across Thailand.
The hacker group, which has attacked a number of companies across Asia in recent years, did not answer questions about whether it was a ransomware attack, but claimed it was they “had basically shut down their entire backend, which is made up of 5 servers.”
They said they stole 400 GB of files in 10 days and added that the data included information on anyone who stayed at any of the 70 luxury hotels owned by the Thai conglomerate between 2003 and 2021. They claimed the data included the passport numbers of the persons. and identification numbers. There was even data from people who had booked in advance until December 2021.
The stolen files would also contain business data and employee information.
The group attempted to claim that they were “helping” the hotel by showing them how they could “mitigate future attacks” and said it was they who informed the company that they had been hacked.
Operators linked to Desorden said they were negotiating a ransom payment of $ 900,000, but the company withdrew from the deal on Tuesday. The group is now threatening to release the information.
Centara Hotels & Resorts and Central Restaurants Group did not respond to requests for comment on the hackers’ allegations.
The Desorden group also claimed responsibility for an attack on ABX Express Enterprise’s Malaysian servers in September.