Central Restaurants Group

Central Restaurants Group

Desorden Group hit Central Restaurants Group (CRG) in Thailand after it brought down their entire backend, which consists of 5 servers.

The data included hotel guest data included name, passport number, id number, phone, email, (some had the address of residence), check-in/departure time, etc., and also membership card details of Mister Donut, employee details, daily sales records of what they describe as thousands of restaurant outlets, and vendor purchase order details.

They investigated the incident and took preventive steps.

Source: https://www.databreaches.net/central-restaurants-group-in-thailand-hit-by-desorden/

TPRM report: https://scoringcyber.rankiteo.com/company/central-restaurants-group-co-ltd-

"id": "cen2015231222",
"linkid": "central-restaurants-group-co-ltd-",
"type": "Breach",
"date": "10/2021",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Hospitality and Restaurants',
                        'location': 'Thailand',
                        'name': 'Central Restaurants Group (CRG)',
                        'type': 'Organization'}],
 'data_breach': {'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Identifiable '
                                              'Information (PII)',
                                              'Membership details',
                                              'Employee information',
                                              'Sales records',
                                              'Purchase order details']},
 'description': 'Desorden Group hit Central Restaurants Group (CRG) in '
                'Thailand after it brought down their entire backend, which '
                'consists of 5 servers. The data included hotel guest data, '
                'membership card details of Mister Donut, employee details, '
                'daily sales records of thousands of restaurant outlets, and '
                'vendor purchase order details.',
 'impact': {'data_compromised': ['Hotel guest data (name, passport number, id '
                                 'number, phone, email, address of residence, '
                                 'check-in/departure time)',
                                 'Membership card details of Mister Donut',
                                 'Employee details',
                                 'Daily sales records of thousands of '
                                 'restaurant outlets',
                                 'Vendor purchase order details'],
            'systems_affected': '5 backend servers'},
 'investigation_status': 'Investigated and preventive steps taken',
 'threat_actor': 'Desorden Group',
 'title': 'Desorden Group Cyber Attack on Central Restaurants Group',
 'type': 'Cyber Attack'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.