Data breach reveals expat details in Thailand during a test run for Immigration police
The personal details of thousands of foreign nationals living in Thailand was briefly leaked online in what the site's developer admitted Monday was a data breach during a test run for police. The leak was spotted by social media users late 27 March when a database appeared online with the names, addresses, professions and passport numbers of more than 2,000 foreigners living in Thailand's southern provinces.
The website was openly available without the need for password access. The site was taken down early 28 March but not before it had gone viral. The website carried an immigration police seal but it used a private Thai web address, which Bangkok Post noted was not one usually associated with government sites.
Deputy Prime Minister Prawit Wongsuwon ordered the data to be removed from the website, defence spokesman Khongcheep Tantravanich said on 28 March. He said that the data should not have been made public.
He noted that foreigners were concerned about their safety because of the detailed information revealed to the public. Thai Netizens, a digital advocacy group traced the website's owner to a developer called Akram Aleeming, who later posted a statement on Facebook claiming that the site was mistakenly made public during testing stages.
He confirmed the mistake to AFP and said that the immigration police had commissioned the setting up of the website. "We were doing a demo. As people were concerned it might affect security we closed it [the website]," he told AFP.
The Thai government has been cracking down against foreigners and criminals overstaying in the country, with the immigration police adopting the official slogan, "good guys in, bad guys out."
The Immigration Police did not respond to requests for comment by the news agency. However, it was noted that websites for the police, courts and corrections departments in Thailand were all hacked into this year.
The Bangkok Post said that staff at the Courts of Justice department had failed to make backups for its website databases. They had to rely on the goodwill of the hackers to return the information for them to restore the sites.
© Copyright IBTimes 2024. All rights reserved.