DESORDEN has hit another big business in Thailand. This time it is the largest cinema chain and its subsidiary property development company.
As DESORDEN informs DataBreaches, the Major Development PCL was breached during the first week of August and contacted by DESORDEN on August 17.
“The management refused to respond and we attacked their main cineplex business (Major Cineplex) on 19th August and informed them on 28th August 2022.”
Both breaches reportedly involved the acquisition of corporate, financial, employee, and customer data as well as personal information of buyers of properties.
As is their usual practice, they assert that they did not deploy any encryption and did not delete any files or backups during the attack.
According to DESORDEN, they acquired hundreds of thousands of Major Cineplex’s MPass members. DataBreaches is as yet unable to verify that estimate. As of publication, they have not yet posted anything on the popular hacking forum where they generally announce any leaks or sales offerings.
As proof of acquisition of customer and property buyer data, DESORDEN provided DataBreaches with two Excel files, each with 1,000 records. One was for MPass members from Cineplex, and the other was for the Major Development CSProfile database.
The Mpass member data included membership ID number, first and last name, mobile phone number, email address, username, and birthdate.
DataBreaches was able to validate the data by using MPass’s website where members can enter their email address to access their membership information. The results of a sample of searches produced corresponding member data. In each case, the records were partially redacted as they appeared on MPass’s site, but they matched the unredacted fields in the spreadsheet. DataBreaches has provided additional redaction, below:
The second data set was from the Major Development CSProfile data set. Those records included fields that include first and last name, nickname, mobile phone number, gender, email address, birthdate, citizen ID, and member password, with some other fields. DataBreaches does not know whether these are all property buyers or just leads to potential buyers, or both. DataBreaches made no attempt to verify the data in this second spreadsheet at this time.
DataBreaches reached out to both Major Development PCL by email and Multiplex Cinema by contact form yesterday to inquire about DESORDEN’s claims and their response to any hack. No replies have been received and nothing appears posted on their websites at this time.