Business & Economy Startups Data leak from Thailand telco reveals passport, ID card information

Data leak from Thailand telco reveals passport, ID card information




- Advertisement -

For nearly a month, anyone with the correct URL could simply jump in and download a host of sensitive information


Truemove H, the second-largest telco operator in Thailand, experienced a data leak over the weekend that resulted in sensitive materials of customers — such as passport and national ID card information — to become public.

The leak was discovered by an Irish researcher named Niall Merrigan who lives in Norway. On his personal blog, he detailed his discovery and the response to the issue provided by True.

About 46,000 accounts were discovered on Amazon Web Services’ cloud storage system named the S3 Bucket. The scary part of this particular leak is that all it required was the correct URL and really anybody could download full scans of people’s ID cards or passports.

- Advertisement -

According to Merrigan, he informed True about the leak back in March and the blog post makes it seem as if the company did not move until an imminent article was to be published in The Register.

The data appears to have remained accessible to the public for over one month after the leak was initially reported to when the information was finally removed.

“I checked again on Thursday 12-April 10:00 to verify if the files were available still and they were. At 19:00 they had finally been made private,” Merrigan wrote.

Also Read: Veiris uses blockchain to ease know-your-customer process –and is determined to win the Indonesian market

According to the Bangkok Post, the leak was considered of such a serious nature that the government regulatory body, the National Broadcasting and Telecommunications Commission (NBTC), called in representatives from True for questioning over the weekend.

Last weekend was the Songkran New Year’s festival that is widely celebrated across the Mekong region.

Technically, the NBTC does have the authority to revoke a telco license if it is deemed that the company is leaking sensitive information on purpose.

Also Read: Taiwan e-commerce firm Pinkoi expands into new Asian markets

True will reportedly be called in for further questioning on Tuesday before any actions are taken.

The post Data leak from Thailand telco reveals passport, ID card information appeared first on e27.

Source: e27

- Advertisement -

Bi-national couple charged with breaching SHN at Ritz-Carlton

Singapore—A British-Singaporean couple are facing charges for offences pertaining to Stay-Home Notice (SHN) requirements, having flouted an SHN at the Ritz-Carlton Millenia Singapore Hotel last September. The couple, British national Nigel Skea, 52, and his fiancée, Singaporean Agatha Maghesh Eyamalai, 39, were...

29-year-old inmate gets straight As for O levels, tops her cohort

Singapore — A 29-year-old inmate has topped her inmate cohort in the results for last year's GCE O-level examinations, according to the Singapore Prison Service (SPS) on Wednesday (Jan 13). Her story was released on Captains of Lives, the Facebook page...

9 new NMPs lay out topics they will be bringing up in Parliament

Singapore—House Speaker Tan Chuan-Jin announced on Thursday (Jan 14) that the nine new Nominated Members of Parliament (NMP) are to be appointed on Jan 21. The NMP scheme, introduced in Singapore in 1990, was put in place to ensure that there would...