Data leak in Thailand of 106 million tourists/travelers reported — names, passport numbers, visas etc

Data leaks in Thailand seem to be becoming commonplace in the last couple of years as yet another enormous data leak was reported today.

This time, it was the private data of 106 million tourists/travelers to Thailand, whose personal information was discovered online after it was indexed by search engine Censys on Aug 20th.

The data leak was reported to Thai authorities by a ‘white hacker’, and the information leak was plugged soon after.

Unfortunately for the 106 million people who had traveled to Thailand since 2011, however, the information that was exposed included the person’s full name, sex, passport number, visa type, arrival data and residency status.

There was no mention of their birthdate also being leaked but, if it was, that makes the leak even more serious.

One good piece of news concerning the latest data leak in Thailand, however, is that the Thai National Cybersecurity Agency (NCSA) confirmed the leak had occurred, but also said they had not been able to detect any of the information being put up for sale online.

At least yet.

The latest data leak in Thailand comes just three months after Thailand-based blogger Richard Barrow exposed more data being exposed on a government site set up for foreigners to register for the Covid-19 vaccine (see his tweet above).

In past years, leaks on Thai government websites have also exposed the data of more than 2,000 foreigners living in southern Thailand, while another data leak exposed foreigner’ names, nationalities, passport numbers, flight numbers, addresses in Thailand and even their most recent vaccine shots.

Now, with the latest data leak in Thailand that we know about, 106 million people’s information appeared online without Thai authorities being aware the leak had occurred.