Site navigation

Database of 8bn Thai Internet Records Exposed in Major Data Breach

David Paul

,

data breach

The database, managed by a third party company for Thailand’s largest cell network AIS, was pulled after spilling billions of real-time internet records on millions of Thai internet users.

A subsidiary of Thailand’s largest cell network, Advanced Info Service (AIS), has made a database containing real-time internet records of millions of customers available online in a major data breach.

The information was released in May during a test scheduled by the company, who claim that no important data was made available. The database has now been made inaccessible.

In a blog post, security researcher Justin Paine discussed the database, saying that the information could help anyone to “quickly paint a picture” of what someone may be doing online in real-time.

Paine commented: “Over the course of the roughly three weeks the database has been exposed the volume of data has been growing significantly. The database was adding approximately 200 million new rows of data every 24 hours.

“To be precise, as of May 21st, 2020: 8,336,189,132 documents were stored in the database. This data was a combination of NetFlow data and DNS query logs.”

Paine says he alerted AIS of the breach May 13, but after the company failed to act, reported to Thailand’s national computer emergency response team, known as ThaiCERT.

AIS admits that there was a security lapse on its systems but insists that no important information was exposed in the data breach.

Recommended

AIS spokesperson Sudaporn Watcharanisakorn commented: “We can confirm that a small amount of non-personal, non-critical information was exposed for a limited period in May during a scheduled test.

“All of the data related to Internet usage patterns and did not contain personal information that could be used to identify any customer.

“On this occasion, we acknowledge that our procedures fell short, for which we sincerely apologise.”

The company says it will continue to review its security measures.

This latest breach of data is continuing to become a common theme amongst large organisations worldwide who fail to ensure cybersecurity measures are put in place to protect users.

In recent months, companies such as Virgin Media, Marriott Hotels and EasyJet have suffered major breaches on their systems, exposing the data of millions of their customers.

David Paul

Staff Writer, DIGIT

Latest News

%d bloggers like this: