Thailand Post Confirms Major Data Breach, 19 Million Records Leaked to Dark Web

[Georgealbert]

 

Pictures courtesy of Matichon.

 

Thailand Post (Thailand Post Co., Ltd.) has confirmed a significant data breach in which 19 million user records were stolen and leaked onto the dark web. The organisation has since taken immediate action to seal the vulnerability and enhance its data protection measures.

 

In an official statement released on its Facebook page, the state enterprise admitted that customer information had been accessed without authorisation. However, it clarified that no financial transaction data was compromised in the breach.

 

The company issued a formal apology to its users and stated that it had already shut down the access point exploited by the attackers. Thailand Post also announced a tightening of its data security protocols and reaffirmed its commitment to safeguarding personal information.

 

To address the incident, Thailand Post is now working closely with the National Cyber Security Agency (NCSA) and the Personal Data Protection Committee (PDPC) to investigate the breach and implement robust preventative measures. Legal proceedings have also been initiated in response to the unlawful access and sale of the data.

According to reports, the stolen data, comprising 19 million records, was offered for sale on dark web marketplaces.

 

The investigation is ongoing as authorities work to determine the full impact of the breach and identify those responsible.

 

-- 2025-04-05

 

[JoePai]

The only surprise is it has not happened before 

[Gsxrnz]

With the medieval address system used in Thailand, even the official Thailand Post drivers can't find you anyway. This data is worth about the price of an iced coffee. 

[Tropicalevo]

'Horse, door, bolted' springs to mind here.

Again.

[hotchilli]

8 hours ago, Georgealbert said:

Thailand Post (Thailand Post Co., Ltd.) has confirmed a significant data breach in which 19 million user records were stolen and leaked onto the dark web. The organisation has since taken immediate action to seal the vulnerability and enhance its data protection measures.

A tad late for 19 million

[Gandtee]

8 hours ago, Gsxrnz said:

With the medieval address system used in Thailand, even the official Thailand Post drivers can't find you anyway. This data is worth about the price of an iced coffee. 

A relative from Oz paid me a surprise visit but couldn't find me on the address all my mail is delivered to. In the end, the cab driver took him to the police station, and the police escorted him to my house. What sort of info has been leaked?

[rough diamond]

1 hour ago, Gandtee said:

In the end, the cab driver took him to the police station, and the police escorted him to my house.

Well done to the police!

I hope you tipped them! 😀

[phetphet]

When you post something EMS and they ask to see your passport, are all your details entered into their systems and kept?

 

If so the hackers likely have my passport details, name, address and phone number.

 

If on a trip to BKK, I go shopping, I normally  box everything up and EMS it back to Samui. It's pretty quick, cheap, and saves me having to carry it  on the plane.

 

 

 

 

[johng]

10 minutes ago, phetphet said:

If so the hackers likely have my passport details, name, address and phone number.

Don't worry immigration was hacked a few years ago so the probably have all that info already.

[mfd101]

1 hour ago, Gandtee said:

A relative from Oz paid me a surprise visit but couldn't find me on the address all my mail is delivered to. In the end, the cab driver took him to the police station, and the police escorted him to my house.

A fail-safe system.

[it is what it is]

10 hours ago, JoePai said:

The only surprise is it has not happened before 

 

well yea, happens in many countries around the world, so thailand has done well to have gone so long without a major data breach.

[AustinRacing]

I’ve had credit cards sent via post from overseas stolen. All taken by postal staff and used to purchase goods online, as the record showed. No surprise they sold data on dark web. They just help themselves. Thieves. 

[Gottfrid]

10 hours ago, AustinRacing said:

I’ve had credit cards sent via post from overseas stolen. All taken by postal staff and used to purchase goods online, as the record showed. No surprise they sold data on dark web. They just help themselves. Thieves. 

So, you don´t think such things happens in other countries? Dude, there are bad apples everywhere. 

[quake]

13 hours ago, johng said:

Don't worry immigration was hacked a few years ago so the probably have all that info already.

 

A few years back at jomtien immigration.

I would get a copy, or a form there,  and on the back would be some persons passport info page. 

Some times recycling is not the best option.

TIT.

[AustinRacing]

50 minutes ago, Gottfrid said:

So, you don´t think such things happens in other countries? Dude, there are bad apples everywhere. 

What’s your point? We’re talking about Thai Post and the rot that is endemic here. Stay focused dude 😂

[Gottfrid]

36 minutes ago, AustinRacing said:

What’s your point? We’re talking about Thai Post and the rot that is endemic here. Stay focused dude 😂

What rot is endemic here? You see one breach, and then everything is rotten. You see one 10 people behaving bad, then all is bad, right?

For example, do you have any knowledge about how many packages are delivered right, against the 3 that came to the wrong address? Your reasoning is pathetic.

[Gandtee]

18 hours ago, rough diamond said:

Well done to the police!

I hope you tipped them! 😀

I did. I told the copper to stop buggering about providing a taxi service to farangs and to get out there and catch a few criminals. Will he take my tip? I doubt it.😉

[AustinRacing]

22 hours ago, Gottfrid said:

What rot is endemic here? You see one breach, and then everything is rotten. You see one 10 people behaving bad, then all is bad, right?

For example, do you have any knowledge about how many packages are delivered right, against the 3 that came to the wrong address? Your reasoning is pathetic.

You seem unable to consider big picture stuff and rather focus on a narrow band of issues. Never mind. Next. 

[impulse]

On 4/5/2025 at 5:43 PM, Gandtee said:

What sort of info has been leaked?

 

That's my question, too.

 

[Gottfrid]

2 hours ago, AustinRacing said:

You seem unable to consider big picture stuff and rather focus on a narrow band of issues. Never mind. Next. 

That was the most stupid reply you could have been making. Opposite to you, I look at the big picture. It´s you that sees all isolated incidents and let them cover the whole society. Means that you a floating the narrow over the big picture. Looking at the big picture, most things are handled as they should. Sure there are a lot of corruption and mistakes made regarding security as in this case. However, that´s not ant rot but a well known situation in all of Asia. In this part of the world as in a few other corruption has grown in to being a part of the culture. Asia is not for everyone, but please don´t come here and talk about rot as an outsider who can´t understand the situation.