Jump to content

Thai data privacy watchdog uncovers massive breach involving over 5,000 organisations

webfact

By webfact
in Thailand News

 Share

Recommended Posts

  • Popular Post
webfact Grand Master Member

webfact

Posted
  • Popular Post
Posted

image.jpeg

Thailand’s Personal Data Protection Commission (PDPC) recently uncovered a significant privacy breach involving 5,261 organisations. Among these, a majority of 4,886 were government agencies from both central and local sectors. The lapse in data protection was observed between November 9 of the previous year and January 12.


The violations were primarily due to excessively revealing personal data on various websites and a noticeable absence of necessary security measures to safeguard this private information. Once identified, the PDPC office promptly notified all the implicated organisations, instructing them to rectify the identified security gaps.

 

In the same period, the PDPC office also managed to shut down 23 Facebook accounts involved in the illicit trade of personal data. This action further led to the arrest of five individuals actively participating in this illegal activity.

 

by Mitch Connor 

PHOTO: via forbes

 

Full story: The Thaiger 2024-01-16

 

- Cigna offers a range of visa-compliant plans that meet the minimum requirement of medical treatment, including COVID-19, up to THB 3m. For more information on all expat health insurance plans click here.

 

Get our Daily Newsletter - Click HERE to subscribe

  • Like 1
  • Thumbs Up 1
  • Haha 3
hotchilli Legendary Member

hotchilli

Posted
Posted
2 hours ago, webfact said:

Thailand’s Personal Data Protection Commission (PDPC) recently uncovered a significant privacy breach involving 5,261 organisations. Among these, a majority of 4,886 were government agencies from both central and local sectors. The lapse in data protection was observed between November 9 of the previous year and January 12.

Thailand still has a lot to learn about the digital age... 

OneMoreFarang Star Member

OneMoreFarang

Posted
Posted

It seems many Thais don't even understand the concept of data privacy.

 

I remember a marketing manager who put all emails she knew on a invitation list in facebook for a new club she was (marketing) in charge off.

When I received the facebook mail I told her I don't want to have anything to do with facebook and she shouldn't do that. She just didn't understand why I complained.

bradiston Ruby Member

bradiston

Posted
Posted
3 hours ago, flyingtlger said:

This has been going on for years...

 

image.png.f775221193b82dc852d29ddaffe24d99.png

 

Is that supposed to be "You're a day late"?

 

4,886 government agencies? What on earth? They should name them. Chances are we're all on at least 10 of them

HappyExpat57 Platinum Member

HappyExpat57

Posted
Posted

I got nailed with a serious data breach years ago and learned about locking down my social security number using Experian. It's a nuisance and costs about $10 USD/month, but I sleep better now.

jacko45k Star Member

jacko45k

Posted
Posted
1 hour ago, OneMoreFarang said:

It seems many Thais don't even understand the concept of data privacy.

 

I remember a marketing manager who put all emails she knew on a invitation list in facebook for a new club she was (marketing) in charge off.

When I received the facebook mail I told her I don't want to have anything to do with facebook and she shouldn't do that. She just didn't understand why I complained.

How many forget to use the .bcc in emails and rather distribute a complete list of recipients in the cc field. I recall once a financial guy pretty much supplying me with the emails of all his clients, and of course, mine to all of them too. 

  • Like 1
  • Popular Post
Bangkok Barry Diamond Member

Bangkok Barry

Posted
  • Popular Post
Posted
20 minutes ago, HappyExpat57 said:

I got nailed with a serious data breach years ago and learned about locking down my social security number using Experian. It's a nuisance and costs about $10 USD/month, but I sleep better now.

 

I hesitate to disturb your peace of mind, but absolutely anything about you is open to being hacked at any time, despite the nonsense that those responsible for the breach then say 'we take your privacy extremely seriously'. How many times have we seen that over the years. Your data is safe, until we find that it isn't. It's something we just have to live with.

  • Like 1
  • Agree 2
  • Popular Post
teutonian Explorer Member

teutonian

Posted
  • Popular Post
Posted

A few years ago I discovered an open customer database including thousands of sale contracts with credit card info etc from

Sansiri when doing a simple yahoo search. 
 

I immediately reported this to Sansiri management. 
 

Their response: I was sued under computer crime act for opening the publicly available link.   Case dismissed eventually but meanwhile 2-3’years of my life disturbed, lost workpermit during that time and cost millions of baht in legal fees. 

 

the only satisfaction is that we were able to file a criminal case for bringing false accusations into the court. If I am not mistaken the current prime minister is one of the criminal defendants ….
 

Yes I name names because I usually do and the court record is a public document. 

  • Like 1
  • Heart-broken 1
  • Thanks 2
HappyExpat57 Platinum Member

HappyExpat57

Posted
Posted
10 minutes ago, Bangkok Barry said:

 

I hesitate to disturb your peace of mind, but absolutely anything about you is open to being hacked at any time, despite the nonsense that those responsible for the breach then say 'we take your privacy extremely seriously'. How many times have we seen that over the years. Your data is safe, until we find that it isn't. It's something we just have to live with.

 

Well, allow me to retort. Without access to my social security number, no one can start new financial actions in my name. I did recently have an annoying occurrence of attempted theft. I booked a trip with China Airlines using a Wells Fargo credit card, and within 15 minutes I received alerts from Wells Fargo that someone had just charged some Jet Blue flights on the same card. I let them know I HAD booked the China Airlines flight but not the Jet Blues. It would appear some unscrupulous China Airlines employee tried helping themselves on my dime. The card was cancelled and a new one sent, problem averted.

 

I also check all my active accounts first thing every morning after a good night's sleep. As for anything else regarding privacy? If they really want to mine for my boring details, they are welcome to them.

  • Like 1
Bangkok Barry Diamond Member

Bangkok Barry

Posted
Posted
2 minutes ago, HappyExpat57 said:

I also check all my active accounts first thing every morning after a good night's sleep.

 

I would not describe feeling you need to do that as peace of mind.

  • Agree 1
Tropicalevo Star Member

Tropicalevo

Posted
Posted
5 minutes ago, HappyExpat57 said:

I did recently have an annoying occurrence of attempted theft. I booked a trip with China Airlines using a Wells Fargo credit card, and within 15 minutes I received alerts from Wells Fargo that someone had just charged some Jet Blue flights on the same card. I let them know I HAD booked the China Airlines flight but not the Jet Blues. It would appear some unscrupulous China Airlines employee tried helping themselves on my dime. The card was cancelled and a new one sent, problem averted.

Mrs T had a similar experience with Air Lanka.

She used her credit card to book a ticket to the UK, via the online booking portal, to visit family and within hours it was used to buy stuff in the USA.

Credit card company re-reimbursed her.

Tropicalevo Star Member

Tropicalevo

Posted
Posted

I worked in the software industry since the 'card' age (1960's.)

Apps and online sites these days only have micky mouse security and have no 'destruction' testing carried out on them.

These days it is easier (and cheaper) to 'chuck it out there and let the users test it. We will fix it as we go along.'

 

I do not use wifi on my phone, have zero apps loaded (apart from the manufacturer's ones that cannot be deleted) and live a stress free life concerning scams and security.

 

My laptop has so much security around it that sometimes even friends cannot contact me :thumbsup:

 

Bliss :lock:

topt Ruby Member

topt

Posted
Posted
1 hour ago, HappyExpat57 said:

I got nailed with a serious data breach years ago and learned about locking down my social security number using Experian. It's a nuisance and costs about $10 USD/month, but I sleep better now.

I take it you are aware of these -

https://www.huffpost.com/entry/experian-hacked-tmobile_n_560e0d30e4b0af3706e0481e

 

https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/

brfsa2 Silver Member

brfsa2

Posted
Posted

A few years ago, it was available online the whole database from the Health and Quarantine office with all the data from arrivals that had to show yellow fever certificate. With full name, full passport details,  full address and flight details. 

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.



ASEANNOW

ASEANNOW (formerly Thai Visa) Thailand's oldest and most popular forum for expats and foreigners.

Sign up today and have your say

MORE INFO

POPULAR AREAS

CONTACT US

219/59 Asoke Towers, 15th Floor, Soi Sukhumvit 21, Watthana, Bangkok 10110
(+66) 99 196 1100
[email protected]

×
×
  • Create New...