Thailand's Data at Risk Amidst Cybersecurity Concerns
PDPC warns of vulnerabilities following breaches at major companies; Kaspersky data highlights widespread server risk
The Personal Data Protection Committee (PDPC) has warned that Thailand's vulnerability in data protection and the lack of robust cybersecurity measures are placing Thai data at significant risk from hackers.
This warning was prompted by reports of data breaches at several major Thai companies, including Thailand Post, Bangchak, and HomePro, where thousands, if not millions, of personal information records were compromised.
Thienchai na Nakorn, chairman of the PDPC, revealed to "Thansettakij" that Thailand faces an elevated risk of personal data breaches.
According to data from Kaspersky, a leading antivirus software provider, over 200,000 servers in Thailand are vulnerable to cyberattacks. While some data leaks have already occurred, the full extent of the damage remains unassessed.
The situation surrounding personal data breaches is complex. Although some organisations in Thailand possess strong security systems, many others are falling victim to increasingly sophisticated cyberattacks.
The problem isn't limited to the theft of personal data; it also includes the misuse of stolen information, such as its sale on the dark web.
A series of personal data breaches at leading Thai businesses in April, including Thailand Post, Bangchak, and HomePro, exposed customer personal data.
The PDPC is now investigating whether this exposure resulted from internal errors within these organisations or inadequate security systems. If internal errors are the cause, the organisation is liable under the Personal Data Protection Act.
However, if security system failures are to blame, the organisation must upgrade its systems to ensure stronger protection.
Thienchai further stated that these incidents are acting as a catalyst, compelling organisations to enhance their security systems to provide better protection for personal data.
They are also raising public awareness about the importance of safeguarding personal data to mitigate the risk of becoming a victim of cybercrime.
