Exploit: Ransomware
Centara Hotels & Resorts: Hotel Chain
Risk to Business: 1.637 = Severe
The Desorden ransomware group claims to have stolen over 400GB of files and databases containing information belonging to millions of hotel guests of Thailand’s Centara Hotels & Resorts. The hotel chain is part of Central Group, a conglomerate that also includes the Central Restaurants Group, which it hacked earlier this month. The hackers made it clear that this attack was in retaliation for the Central Group’s refusal to pay the ransom for the first attack after negotiating and promising payment. That incident would have provided a ransom payment of $900,000 before Central Group backed out of the deal on Tuesday, spurring the second attack.
Individual Risk: 1.818 = Severe
The company admitted that attackers had in fact breached their system and accessed the data of some customers. The data accessed includes names, booking information, phone numbers, email addresses, home addresses, and photos of IDs. Whether or not passport data was included was not specified but it is commonly requested. The theft is said to have affected guests who stayed at the hotel chain between 2003 and 2021, including any guests that made advanced bookings up to December 2021.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Big pools of information are catnip to ransomware gangs, especially highly desirable PII or credit card data.
Source: news hitb