It turned out that the names, passport numbers, etc. of 106 million foreign tourists who visited Thailand were published on the web, is it the immigration record for the past 10 years?

It turned out that information such as the names, passport numbers, arrival dates, etc. of 106 million foreign tourists who visited Thailand was published on the web. Upon receiving the report, Thai authorities acknowledged the incident and immediately implemented data protection.

Database containing personal info of 106 million international visitors to Thailand was exposed online --Comparitech

New leaks were found for 106 million foreign tourists who applied for entry into Thailand, such as arrival date in Thailand, full name, gender, passport number, status of residence, visa type, Thai immigration card number, etc. It is a database of about 200GB with the information of. Below is a screenshot of the database that was actually leaked.

This database was registered in the IoT device- specific search engine ' Censys ' on August 20, 2021, by Bob Diachenko, head of research at the British cybersecurity company Comparetech. I found it on the 22nd of August. According to Mr. Diachenko, his own information was also included in the database, and he reported to the Thai authorities on the same day. Upon receiving this report, Thai authorities acknowledged the incident on the 23rd of the following day and implemented data protection on the same day.

Since the personal information contained in the database was from 2011 onwards, it is believed that the leaked information was for the past 10 years of foreign tourist records.

Since the leaked information does not include financial information or contact information, it does not directly affect the victim, but since it included travel history and status of residence, it is a privacy issue. there is.

It is unknown how long the database in question was available for viewing, and it is not available at the time of the article.

in Security, Posted by darkhorse_log