Skip to content
View in the app

A better way to browse. Learn more.

Thailand News and Discussion Forum | ASEANNOW

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Thai data privacy watchdog uncovers massive breach involving over 5,000 organisations

Featured Replies

  • Popular Post

image.jpeg

Thailand’s Personal Data Protection Commission (PDPC) recently uncovered a significant privacy breach involving 5,261 organisations. Among these, a majority of 4,886 were government agencies from both central and local sectors. The lapse in data protection was observed between November 9 of the previous year and January 12.


The violations were primarily due to excessively revealing personal data on various websites and a noticeable absence of necessary security measures to safeguard this private information. Once identified, the PDPC office promptly notified all the implicated organisations, instructing them to rectify the identified security gaps.

 

In the same period, the PDPC office also managed to shut down 23 Facebook accounts involved in the illicit trade of personal data. This action further led to the arrest of five individuals actively participating in this illegal activity.

 

by Mitch Connor 

PHOTO: via forbes

 

Full story: The Thaiger 2024-01-16

 

- Cigna offers a range of visa-compliant plans that meet the minimum requirement of medical treatment, including COVID-19, up to THB 3m. For more information on all expat health insurance plans click here.

 

Get our Daily Newsletter - Click HERE to subscribe

This has been going on for years...

 

image.png.f775221193b82dc852d29ddaffe24d99.png

 

2 hours ago, webfact said:

Thailand’s Personal Data Protection Commission (PDPC) recently uncovered a significant privacy breach involving 5,261 organisations. Among these, a majority of 4,886 were government agencies from both central and local sectors. The lapse in data protection was observed between November 9 of the previous year and January 12.

Thailand still has a lot to learn about the digital age... 

2 hours ago, flyingtlger said:

This has been going on for years...

 

image.png.f775221193b82dc852d29ddaffe24d99.png

 

Much belated steps in the right direction......

It seems many Thais don't even understand the concept of data privacy.

 

I remember a marketing manager who put all emails she knew on a invitation list in facebook for a new club she was (marketing) in charge off.

When I received the facebook mail I told her I don't want to have anything to do with facebook and she shouldn't do that. She just didn't understand why I complained.

3 hours ago, flyingtlger said:

This has been going on for years...

 

image.png.f775221193b82dc852d29ddaffe24d99.png

 

Is that supposed to be "You're a day late"?

 

4,886 government agencies? What on earth? They should name them. Chances are we're all on at least 10 of them

Edited by bradiston

I got nailed with a serious data breach years ago and learned about locking down my social security number using Experian. It's a nuisance and costs about $10 USD/month, but I sleep better now.

1 hour ago, OneMoreFarang said:

It seems many Thais don't even understand the concept of data privacy.

 

I remember a marketing manager who put all emails she knew on a invitation list in facebook for a new club she was (marketing) in charge off.

When I received the facebook mail I told her I don't want to have anything to do with facebook and she shouldn't do that. She just didn't understand why I complained.

How many forget to use the .bcc in emails and rather distribute a complete list of recipients in the cc field. I recall once a financial guy pretty much supplying me with the emails of all his clients, and of course, mine to all of them too. 

Note to self I need to photocopy this thread 🤔

  • Popular Post
20 minutes ago, HappyExpat57 said:

I got nailed with a serious data breach years ago and learned about locking down my social security number using Experian. It's a nuisance and costs about $10 USD/month, but I sleep better now.

 

I hesitate to disturb your peace of mind, but absolutely anything about you is open to being hacked at any time, despite the nonsense that those responsible for the breach then say 'we take your privacy extremely seriously'. How many times have we seen that over the years. Your data is safe, until we find that it isn't. It's something we just have to live with.

  • Popular Post

A few years ago I discovered an open customer database including thousands of sale contracts with credit card info etc from

Sansiri when doing a simple yahoo search. 
 

I immediately reported this to Sansiri management. 
 

Their response: I was sued under computer crime act for opening the publicly available link.   Case dismissed eventually but meanwhile 2-3’years of my life disturbed, lost workpermit during that time and cost millions of baht in legal fees. 

 

the only satisfaction is that we were able to file a criminal case for bringing false accusations into the court. If I am not mistaken the current prime minister is one of the criminal defendants ….
 

Yes I name names because I usually do and the court record is a public document. 

10 minutes ago, Bangkok Barry said:

 

I hesitate to disturb your peace of mind, but absolutely anything about you is open to being hacked at any time, despite the nonsense that those responsible for the breach then say 'we take your privacy extremely seriously'. How many times have we seen that over the years. Your data is safe, until we find that it isn't. It's something we just have to live with.

 

Well, allow me to retort. Without access to my social security number, no one can start new financial actions in my name. I did recently have an annoying occurrence of attempted theft. I booked a trip with China Airlines using a Wells Fargo credit card, and within 15 minutes I received alerts from Wells Fargo that someone had just charged some Jet Blue flights on the same card. I let them know I HAD booked the China Airlines flight but not the Jet Blues. It would appear some unscrupulous China Airlines employee tried helping themselves on my dime. The card was cancelled and a new one sent, problem averted.

 

I also check all my active accounts first thing every morning after a good night's sleep. As for anything else regarding privacy? If they really want to mine for my boring details, they are welcome to them.

2 minutes ago, HappyExpat57 said:

I also check all my active accounts first thing every morning after a good night's sleep.

 

I would not describe feeling you need to do that as peace of mind.

5 minutes ago, HappyExpat57 said:

I did recently have an annoying occurrence of attempted theft. I booked a trip with China Airlines using a Wells Fargo credit card, and within 15 minutes I received alerts from Wells Fargo that someone had just charged some Jet Blue flights on the same card. I let them know I HAD booked the China Airlines flight but not the Jet Blues. It would appear some unscrupulous China Airlines employee tried helping themselves on my dime. The card was cancelled and a new one sent, problem averted.

Mrs T had a similar experience with Air Lanka.

She used her credit card to book a ticket to the UK, via the online booking portal, to visit family and within hours it was used to buy stuff in the USA.

Credit card company re-reimbursed her.

I worked in the software industry since the 'card' age (1960's.)

Apps and online sites these days only have micky mouse security and have no 'destruction' testing carried out on them.

These days it is easier (and cheaper) to 'chuck it out there and let the users test it. We will fix it as we go along.'

 

I do not use wifi on my phone, have zero apps loaded (apart from the manufacturer's ones that cannot be deleted) and live a stress free life concerning scams and security.

 

My laptop has so much security around it that sometimes even friends cannot contact me :thumbsup:

 

Bliss :lock:

1 hour ago, HappyExpat57 said:

I got nailed with a serious data breach years ago and learned about locking down my social security number using Experian. It's a nuisance and costs about $10 USD/month, but I sleep better now.

I take it you are aware of these -

https://www.huffpost.com/entry/experian-hacked-tmobile_n_560e0d30e4b0af3706e0481e

 

https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/

4 hours ago, flyingtlger said:

This has been going on for years...

 

image.png.f775221193b82dc852d29ddaffe24d99.png

 

Same as in your home country

2 hours ago, hotchilli said:

Thailand still has a lot to learn about the digital age... 

Data breaches happen in every country a lot, that the local papers don't write about it is another thing.

Data Breaches and Cyber Attacks Quarterly Review: Q2 2023 - IT Governance UK Blog

Edited by FritsSikkink

Thailand and digital things are not matching.. many examples.. Mor Prom, 90 days reporting, systems not connected to eachother, etc etc..

A few years ago, it was available online the whole database from the Health and Quarantine office with all the data from arrivals that had to show yellow fever certificate. With full name, full passport details,  full address and flight details. 

 

Create an account or sign in to comment

Recently Browsing 0

  • No registered users viewing this page.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.