Details of 106 million visitors to Thailand leaked online


More than 106 million travellers to Thailand had their personal details exposed online in August, a cybersecurity research firm that discovered the data said on Monday, though authorities quickly plugged the leak.

The Southeast Asian nation is a popular tourist destination, drawing nearly 40 million visitors in 2019 before the Covid-19 pandemic shut borders and seized up global travel.

Britain-based consumer security firm Comparitech said in a report that its head of cybersecurity research, Bob Diachenko, found a database in August containing the personal information of travellers to the kingdom.

He said “any foreigner who travelled to Thailand in the last decade might have had their information exposed in the incident”, including their name, passport number and residency status.

Comparitech said Diachenko also found his own name and details about his entries into Thailand on the database, which contained information dating back to 2011.

Thai authorities were informed on August 22 and secured the data the following day.

“However we do not know how long the data was exposed prior to being indexed,” said the report.

Thai authorities “maintain the data was not accessed by any unauthorised parties”, it added.

Thailand’s Cyber Crime Investigation Bureau said it was unaware of the incident but was looking into it.

While Thais are largely internet-savvy, their government is no stranger to data leaks and information breaches.

In June, a government website for foreigners to sign up for a coronavirus vaccine was found to be revealing the names and passport numbers of prospective recipients. The site was taken down soon after.

Meanwhile, in neighbouring Indonesia, authorities said they had found no evidence that computers at the country’s main intelligence service were compromised, after a US-based private cybersecurity company alerted them to a suspected breach of its internal networks by a Chinese hacking group.

The Insikt Group, the threat research division of Massachusetts-based Recorded Future, said it discovered the hack in April when it detected malware servers operated by the “Mustang Panda” group communicating with hosts inside Indonesian government networks.

The activity targeted the intelligence agency Badan Intelijen Negara (BIN), as well as nine other Indonesian government organisations, Recorded Future said.

“We assess that this activity is very likely linked to the Chinese state-sponsored threat activity group Mustang Panda based on our continued tracking of Chinese state-sponsored cyberespionage activity,” the company said in an email to AP.

Chinese government offices were closed on Monday for the Mid-Autumn Festival and could not be reached, but authorities have consistently denied any form of state-sponsored hacking and said China itself is a major target of cyberattacks.

Recorded Future said its experts traced the hack back to as early as March, and the last observed date of the intrusion was August 20. “We have not seen additional activity targeting BIN since that date,” it said.

After being notified by Recorded Future, BIN investigated the suspected breach together with other agencies and related stakeholders, but found “our server is safe and under control, there is no indication that it was hacked by suspected Chinese hackers”, said Wawan Hari Purwanto, a deputy chief and spokesman for the agency.

BIN coordinates information sharing and operations for Indonesia’s other intelligence agencies, as well as conducting its own operations. – AP