Putting this here as it is related - Thai websites are not renowned for their security.
8.3 BILLION RECORDS OF AIS INTERNET USERS LEAKED ONLINE
AIS moved to secure its online database that leaked 8.3 billion internet records of its users, security researchers said Monday.
The leak was discovered by internet security researcher Justin Paine, who wrote in a post that it took two weeks before the telecom giant fixed it. The incident came just as privacy activists raise concerns over personal data collected by the government in the pandemic.
“Using this data it is quite simple to paint a picture of what a person does on the Internet,” Paine wrote in a Monday blog post. “Unsurprisingly the majority of the traffic was from Thailand, although there is a decent amount of traffic logged from surrounding countries as well.”
The database contained DNS queries (a demand from a user’s computer to a domain name) and Netflow data (IP address traffic). The information does not include sensitive information like passwords, e-mails, and messages, but they include what websites and apps each IP address was using.
Based on the data, Paine was able to pinpoint the social media sites and web browsers different households were using. Paine also noted that the database was especially looking at Facebook traffic.
Paine said the leak began on May 1 and exposed around 8.3 billion documents, or a total of 4.7 TB of information, without any password requirement.
He said he tried to contact AIS repeatedly from May 13 to 21, without any success. It was only when he reached out to the Thai Computer Emergency Response Team (ThaiCERT) on May 21 that actions were taken. The database was finally removed May 22.
Leaks of unsecure personal information frequently happened in Thailand, where privacy advocates have been pushing for tougher measures to protect data security.
Similar concerns were raised over the Thai Chana website that collects personal data of customers who visit malls and shops during the coronavirus pandemic.
https://www.khaosodenglish.com/culture/ ... ed-online/