{ "id": "8dc9eac2-4c20-4507-8837-7ac8e251933b", "created_at": "2026-04-09T02:22:43.818036Z", "updated_at": "2026-04-10T13:12:07.727483Z", "deleted_at": null, "sha1_hash": "083b6d389d7f837831056bedbf919bb59976b260", "title": "Central Restaurants Group in Thailand hit by Desorden - DataBreaches.Net", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 30154, "plain_text": "Central Restaurants Group in Thailand hit by Desorden -\r\nDataBreaches.Net\r\nPublished: 2021-10-26 · Archived: 2026-04-09 02:06:50 UTC\r\nThe Desorden threat actors have been busy, it seems, as they have announced an attack on Central Restaurants\r\nGroup (CRG) in Thailand.\r\nThe attack, with proof of claim, was posted on a popular hacking forum and sent to DataBreaches.net.  The proof\r\nof claim files included membership card details of Mister Donut,  employee details, daily sales records of what\r\nthey describe as thousands of restaurant outlets, and vendor purchase order details.\r\nForum listing\r\nImage: DataBreaches.net\r\nThe employee-related spreadsheet contained more than 2000 records with fields that included: emp_id,\r\nperface_id, thai_fname, thai_lname, eng_fname, eng_lname, username, nickname, email, and phone number, as\r\nwell as other details.\r\nCRG is linked to a number of popular restaurant brands, including Mister Donut, Kentucky Fried Chicken, Auntie\r\nAnne’s, ColdStone Creamery, and others.\r\nCRG Brands\r\nSource: crg.co.th/\r\nAn email sent to the firm’s data protection office this morning asking them whether they would confirm the\r\nclaimed attack was not immediately returned.  This post will be updated if or when a reply is received.\r\nSource: https://www.databreaches.net/central-restaurants-group-in-thailand-hit-by-desorden/\r\nhttps://www.databreaches.net/central-restaurants-group-in-thailand-hit-by-desorden/\r\nPage 1 of 1", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "origins": [ "web" ], "references": [ "https://www.databreaches.net/central-restaurants-group-in-thailand-hit-by-desorden/" ], "report_names": [ "central-restaurants-group-in-thailand-hit-by-desorden" ], "threat_actors": [ { "id": "e5ccc758-f2a5-417b-ba5c-70edf39bc048", "created_at": "2022-10-25T16:07:24.481513Z", "updated_at": "2026-04-10T02:00:05.005021Z", "deleted_at": null, "main_name": "Desorden", "aliases": [], "source_name": "ETDA:Desorden", "tools": [], "source_id": "ETDA", "reports": null }, { "id": "b4f79ca0-e94b-4abe-a61e-ea3d2a2458ad", "created_at": "2022-10-25T16:07:24.444096Z", "updated_at": "2026-04-10T02:00:04.994412Z", "deleted_at": null, "main_name": "ALTDOS", "aliases": [ "0mid16B", "ALTDOS", "Desorden", "GHOSTR" ], "source_name": "ETDA:ALTDOS", "tools": [ "Agentemis", "Cobalt Strike", "CobaltStrike", "cobeacon" ], "source_id": "ETDA", "reports": null } ], "ts_created_at": 1775701363, "ts_updated_at": 1775826727, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/083b6d389d7f837831056bedbf919bb59976b260.pdf", "text": "https://archive.orkl.eu/083b6d389d7f837831056bedbf919bb59976b260.txt", "img": "https://archive.orkl.eu/083b6d389d7f837831056bedbf919bb59976b260.jpg" } }