The website 9nearorg has been blocked in Thailand due to its involvement in a significant data breach. The breach exposed the personal information of 55 million Thai citizens [1] [2], including sensitive details such as full names [2], birthdates [1] [2], ID card numbers [1] [2], and phone numbers [1] [2]. This breach is part of a concerning trend in Thailand, with multiple significant breaches reported in January 2024 alone [1] [2].
Description
The operator of the website, known as “9Near – Hacktivist,” claimed to have accessed and stolen personal information from vaccine registration records. This stolen data [1], which includes personal identifiable information (PII) [1] [3], is now being circulated by cybercriminals known as Naraka. These cybercriminals have targeted various platforms, resulting in the compromise of a large volume of Thai citizens’ personal information.
Thai-based e-commerce [2] [3], fintech [2] [3], and government resources have been specifically targeted due to the abundance of personal documents used for Know Your Customer (KYC) purposes. As a result, Thai citizens are being defrauded, and financial organizations are under attack. Notably, the Bangkok Industrial Gas Company Limited and a stock trading platform have also experienced data breaches [2].
To address these challenges and safeguard the digital economy and citizens’ privacy, cybersecurity firm Resecurity emphasizes the need for robust cybersecurity strategies, stringent data privacy regulations [2], and a culture of digital vigilance [2]. Thailand’s increasing prominence in the digital arena, particularly in the field of Information and Communication Technology (ICT) within the Asia-Pacific region [3], makes it an attractive target for cybercriminals seeking to exploit personal data.
Conclusion
The data breach on the website 9nearorg and the subsequent circulation of stolen personal information have significant impacts on Thai citizens and financial organizations. It highlights the urgent need for stronger cybersecurity measures, stricter data privacy regulations [2], and increased digital awareness among individuals and organizations. Failure to address these challenges could have long-lasting implications for the digital economy and citizens’ privacy in Thailand.
References
[1] https://securityonline.info/55-million-records-thailands-pii-massive-leak-unveiled/
[2] https://www.infosecurity-magazine.com/news/thai-court-blocks-9nearorg/
[3] https://ciso2ciso.com/cybercriminals-leaked-massive-volumes-of-stolen-pii-data-from-thailand-in-dark-web-source-securityaffairs-com/
