A fraudulent website, “9near.org”, where 55 million records of stolen data was published has claimed responsibility for the attack. The personal information of 55 million Thai citizens was seized in a serious breach and published over the website. The web address to the site is now blocked, limiting more sharing of the information across the dark web. The court order will be strict too on any other sites found to be the origin where data is reshared.
The citizens’ data were vaccine registration records on a national database potentially from the Public Health Ministry’s Immunization Centre.
The Digital Economy and Society (DES) Ministry is working on taking action to catch the individual responsible for the data hack and pursue prosecution.
The breach stole data including personal identifiable information (PII) like people’s full names and dates of birth, identity documents, ID card numbers and phone numbers.
A blog published by Resecurity reports the breach whilst finding a “significant drop in incidents of data breaches” in Indonesia from 2022-2023. The hackers hiding behind anonymity of the World Wide Web said the attack could be attributed to them. It starts a rising trajectory again of reported data breaches. Whether the figure is just low between 2022-2023 or reports were not made and recorded, “for every thousand people in Thailand, about 6.8 instances of data exposure”. The figures might have been as low as 1% in the first quarter of 2023.
