Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Details of 100M Visitors to Thailand Exposed Online: Research Firm

More than 106 million travellers to Thailand had their personal details exposed online in August, a cybersecurity research company that discovered the data said Monday, but the leak was quickly plugged by authorities.

More than 106 million travellers to Thailand had their personal details exposed online in August, a cybersecurity research company that discovered the data said Monday, but the leak was quickly plugged by authorities.

The Southeast Asian nation is a popular tourist destination, drawing nearly 40 million visitors in 2019 before the pandemic shuttered borders and seized up global travel.

Britain-based consumer security company Comparitech said in a report that its head of cybersecurity research Bob Diachenko found a database in August containing the personal information of travellers to the kingdom.

He said “any foreigner who travelled to Thailand in the last decade might have had their information exposed in the incident”, including their name, passport number and residency status.

Comparitech said Diachenko also found his own name and details about his entries into Thailand on the database, which contained information dating back to 2011.

Thai authorities were informed on August 22 and secured the data the following day.

“However we do not know how long the data was exposed prior to being indexed,” said the report.

Thai authorities “maintain the data was not accessed by any unauthorised parties”, it added.

Advertisement. Scroll to continue reading.

Thailand’s Cyber Crime Investigation Bureau said it was unaware of the incident but was looking into it.

While Thais are largely internet-savvy, their government is no stranger to data leaks and information breaches.

In June a government website for foreigners to sign up for a coronavirus vaccine was found to be revealing the names and passport numbers of prospective recipients. The site was taken down soon after.

Related: Thousands of Android Apps Leak Data Due to Firebase Misconfigurations

Related: Microsoft Exposed 250 Million Customer Support Records

Related: Cybersecurity Firm Exposes Breach Database Containing 5 Billion User Records

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Data Protection

While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...