Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Data Breach Reveals Expat Details in Thailand

The personal details of thousands of foreign nationals living in southern Thailand were briefly leaked online in what the site’s developer admitted Monday was a data breach during a test for police.

The personal details of thousands of foreign nationals living in southern Thailand were briefly leaked online in what the site’s developer admitted Monday was a data breach during a test for police.

The leak comes as the junta-ruled nation pushes ahead with a much publicised crackdown against foreign visa overstayers and criminals, with immigration police adopting the official slogan “Good guys in, bad guys out.”

The gaffe was spotted by social media users late Sunday when a database appeared online containing the names, addresses, professions and passport numbers of more than 2,000 foreigners living in Thailand’s southern provinces.

The website carried an immigration police seal but used a private Thai web address, not one usually associated with government sites.

It was taken down early Monday, but not before the site’s existence had gone viral.

Thai Netizens, a digital advocacy group, tracked down the website’s owner, a developer called Akram Aleeming, who later posted a statement on Facebook saying the site had mistakenly been made public during testing stages.

Akram confirmed the error to AFP and said immigration police had commissioned the website.

Advertisement. Scroll to continue reading.

“We were doing a demo,” he told AFP. “As people were concerned it might affect security we closed it (the website).”

Immigration police did not respond to requests for comment.

Away from its booming tourist sector, Thailand has lurched towards a mistrust of foreigners under junta rule, with generals routinely blaming outsiders for a range of ills including crime and stoking political unrest.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.