Details of some 100 million visitors to Thailand exposed online: research firm
- British firm Comparitech said any foreigner who has travelled to Thailand in the last decade ‘might have had their information exposed’
- Thai authorities ‘maintain the data was not accessed by any unauthorised parties’, it said in a report
Britain-based consumer security firm Comparitech said in a report that its head of cybersecurity research, Bob Diachenko, found a database in August containing the personal information of travellers to the kingdom.
He said “any foreigner who travelled to Thailand in the last decade might have had their information exposed in the incident”, including their name, passport number and residency status.
Comparitech said Diachenko also found his own name and details about his entries into Thailand on the database, which contained information dating back to 2011.
Thai authorities were informed on August 22 and secured the data the following day.
“However we do not know how long the data was exposed prior to being indexed,” said the report.
Did tourists’ bad behaviour in Bali prompt minister’s idea to ban backpackers?
Thai authorities “maintain the data was not accessed by any unauthorised parties”, it added.
Thailand’s Cyber Crime Investigation Bureau said it was unaware of the incident but was looking into it.
While Thais are largely internet-savvy, their government is no stranger to data leaks and information breaches.
01:03
Once-bustling Bangkok market deserted as Thailand struggles with its worst wave of Covid-19
The Insikt Group, the threat research division of Massachusetts-based Recorded Future, said it discovered the hack in April when it detected malware servers operated by the “Mustang Panda” group communicating with hosts inside Indonesian government networks.
The activity targeted the intelligence agency Badan Intelijen Negara (BIN), as well as nine other Indonesian government organisations, Recorded Future said.
“We assess that this activity is very likely linked to the Chinese state-sponsored threat activity group Mustang Panda based on our continued tracking of Chinese state-sponsored cyberespionage activity,” the company said in an email to AP.
Malaysia, Indonesia warn Australia’s Indo-Pacific pact could trigger arms race
Chinese government offices were closed on Monday for the Mid-Autumn Festival and could not be reached, but authorities have consistently denied any form of state-sponsored hacking and said China itself is a major target of cyberattacks.
Recorded Future said its experts traced the hack back to as early as March, and the last observed date of the intrusion was August 20. “We have not seen additional activity targeting BIN since that date,” it said.
After being notified by Recorded Future, BIN investigated the suspected breach together with other agencies and related stakeholders, but found “our server is safe and under control, there is no indication that it was hacked by suspected Chinese hackers”, said Wawan Hari Purwanto, a deputy chief and spokesman for the agency.
BIN coordinates information sharing and operations for Indonesia’s other intelligence agencies, as well as conducting its own operations.