Thailand’s largest mobile telco denies user data leak

BANGKOK (Bernama): Thailand’s largest mobile phone network Advanced Info Service (AIS) has denied reports of a user data leak, saying the data was a test to improve its network.

Its public relations chief Saichon Sapmak-udom said the data only painted an overall picture of Internet usage without disclosing the personal or sensitive information of its users.

"It is not personal data of our users. None of our customers has been affected, there is no financial damage, ” she said in a statement.

The data leak came to light after a security researcher claimed a massive database of 8.3 billion real-time Internet records of AIS users was leaked online. The database was secured on May 22.

In a blog post, security researcher Justin Paine said the database, likely controlled by AIS subsidiary Advance Wireless Network (AWN), contained a combination of DNS queries (a demand for information sent from a user's computer) and NetFlow data (a network protocol developed by Cisco for collecting traffic information and monitoring network traffic).

"It (the database) does not contain sensitive data such as passwords, however it can identify which websites the user accessed and apps they used.

"Using this data, it is quite simple to paint a picture of what a person does on the Internet, ” he said.

Paine said the database was first publicly accessible on May 1 and he only discovered it on May 7.

He said he alerted AIS on May 13 on the leak of database, but the database was still not secured after a week.

Later, he alerted Thailand’s computer emergency response team (ThaiCERT), which was able to make contact with AIS and get the database secured.

"Over the course of the roughly three weeks, the volume of data exposed has been growing significantly. The database was adding approximately 200 million new rows of data every 24 hours.

"Approximately 8.3 billion documents and a total of 4.7 terabytes of information were stored in the database, ” he added.

Paine said with DNS query logs, a single source IP address, it is possible to determine the type of devices on users’ network, and the sites they frequent – Google, YouTube, Facebook, TikTok, Line (a chat application). – Bernama

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3

Thailand , AIS , Data Leak


Did you find this article insightful?


Next In Aseanplus News

Thai female found infected with Covid-19 after slipping across border from Myanmar
Indonesia: Doctors in anguish as hospitals are running out of beds and Covid-19 cases hitting 528,000 cases
Philippines named world’s top dive destination, Intramuros is top tourist attraction
China should further open up finance sector, PBOC official says
Indonesia police hunt suspected militants after four killed; 7 terrorist suspects arrested thus far
Singapore: No need to rely on one Covid-19 vaccine; 6 cases on Saturday (Nov 28) - only one local
Covid-19: 1,315 new cases reported, four fatalities bring death toll to 354
Record catch: Myanmar military seizes US$634mil worth of narcotic drugs; Covid-19 cases surges above 86,000
Prime Minister: Asean-China ties keep positive growth
Thailand: Deep political divide taking a toll on even familial bonds; govt confirms local Covid-19 case on Saturday (Nov 28)

Stories You'll Enjoy