The National Health Security Office (NHSO) has denied any data breach after reports on Discord alleged that NHSO data and APIs were available for sale. Pratueang Paodit, NHSO's assistant secretary-general, stated that comprehensive checks by their cybersecurity team, in collaboration with external experts, found no evidence of data leakage. Technical analysis showed no signs of hacking or unauthorized data extraction.
Get today's headlines by email ![]()
Recent claims had suggested that NHSO data was being sold online; however, investigations revealed these claims were not linked to any breach of NHSO's systems. The technical team believes the data may have been compiled from other sources and falsely attributed to NHSO to add credibility. Mr. Paodit emphasized that NHSO systems were not the source of this data.
Regarding the APIs, NHSO confirmed that while some service data is publicly accessible, secure API connections require registration and token issuance by NHSO. Furthermore, any API access involving significant data usage demands additional security measures, such as IP whitelisting, ensuring unauthorized access is not possible through allegedly sold APIs.
NHSO plans to bolster its cybersecurity to prevent future impersonations, including enhancing identity verification measures across platforms accessing personal data. Two-factor authentication has already been implemented for several key systems, with plans to extend these security measures to other platforms.
Key Takeaways
NHSO confirms no data breach found despite Discord claims.
Data attributed to NHSO may have been compiled from external sources.
NHSO to strengthen security with wider implementation of 2FA.
Adapted by ASEAN Now · Bangkok Post · 18 Feb 2026
Recommended Comments