Startups

Data leak from Thailand telco reveals passport, ID card information

Byuser

April 17, 2018

For nearly a month, anyone with the correct URL could simply jump in and download a host of sensitive information

 

Truemove H, the second-largest telco operator in Thailand, experienced a data leak over the weekend that resulted in sensitive materials of customers — such as passport and national ID card information — to become public.

The leak was discovered by an Irish researcher named Niall Merrigan who lives in Norway. On his personal blog, he detailed his discovery and the response to the issue provided by True.

About 46,000 accounts were discovered on Amazon Web Services’ cloud storage system named the S3 Bucket. The scary part of this particular leak is that all it required was the correct URL and really anybody could download full scans of people’s ID cards or passports.

According to Merrigan, he informed True about the leak back in March and the blog post makes it seem as if the company did not move until an imminent article was to be published in The Register.

The data appears to have remained accessible to the public for over one month after the leak was initially reported to when the information was finally removed.

See also  4 Factors to Consider When Choosing a Crowdfunding Platform

“I checked again on Thursday 12-April 10:00 to verify if the files were available still and they were. At 19:00 they had finally been made private,” Merrigan wrote.

Also Read: Veiris uses blockchain to ease know-your-customer process –and is determined to win the Indonesian market

According to the Bangkok Post, the leak was considered of such a serious nature that the government regulatory body, the National Broadcasting and Telecommunications Commission (NBTC), called in representatives from True for questioning over the weekend.

Last weekend was the Songkran New Year’s festival that is widely celebrated across the Mekong region.

Technically, the NBTC does have the authority to revoke a telco license if it is deemed that the company is leaking sensitive information on purpose.

Also Read: Taiwan e-commerce firm Pinkoi expands into new Asian markets

True will reportedly be called in for further questioning on Tuesday before any actions are taken.

The post Data leak from Thailand telco reveals passport, ID card information appeared first on e27.

See also  Should You Use a Credit Card to Pay University Tuition?

Source: e27

Byuser

Related Post

Featured News Startups

Ryde Group makes historic debut at NYSE as first Singaporean ride-hailing start-up to IPO

April 7, 2024 Jewel Stolarchuk
Featured News Startups

Singapore leads Southeast Asia in women-led startups, raising $3 billion in 2023

April 3, 2024 Jewel Stolarchuk
Startups

Ex-school rebel turned digital marketing entrepreneur

October 30, 2023 Mary Alavanza

You missed

Featured News Home News

Brickbats instead of support pours in for woman who complained that Singapore restaurant kicked her out

April 20, 2024 Anna Maria Romero
Home News

Gen Z workers say bosses’ mindsets and ’surveillance culture’ must change for flexi-work arrangements to work

April 20, 2024 Anna Maria Romero
Business

Linguistics, data science, architecture & IT: Singaporeans share what degrees they got and what careers they ended up in

April 20, 2024 Beatrice Del Rosario
International

House Speaker Mike Johnson Makes Historic Move, Surrenders GOP Control to Democrats

April 19, 2024 Asir F

© Copyright 2023 The Independent Singapore. All Rights Reserved.