Hunt launched for ‘9near’ as it holds personal data of 55 million Thais to ransom


The Public Health Ministry and Digital Economy and Society (DES) Ministry said they are working together to find out how the “9near” hacker got access to the personal information of 55 million Thais.

The hacker claims to have stolen ID card numbers, names, surnames, birthdates, addresses and phone numbers of 55 million Thais.

Dr Opas Karnkawinpong, Public Health Ministry’s permanent secretary, said on Friday that the initial investigation shows that there have been no leaks from any agencies under his ministry. However, he would not elaborate saying it would affect the investigation.

The website, operated by a group called “9near – Hactivist”, published a statement claiming it has “hacked” the personal information of 55 million Thais from “some government agency”.

Hactivists refers to politically motivated hackers, and the website backs this up with the political statement: “Almost election, decide wisely”.

It also says: “WARNING!! If you think the leaked data is from your organisation, contact us before 5 April 4PM GMT+7. Otherwise we then announce where it came from and how we hacked into, Also PUBLIC all the data … We are not kidding. For POC, send us your name or phone number”.

“The Public Health Ministry is a government agency, so we are legally obliged to find the culprit who stole the government’s data,” said Dr Opas.

Well-known TV news anchor Sorrayuth Suthassanachinda said on Friday that he had received a threatening message from “9near”, which included his personal information, including address and phone numbers.

Chuwat Rerksirisuk, a newscaster from Voice TV, also claimed to have received a similar message.

Earlier on Friday DES Minister Chaiwut Thanakamanusorn said he had contacted the 9near website’s hosting service, which is located overseas, to shut it down for possible privacy violations, but has yet to receive an answer.

The ministry is also seeking a court order to block the website in Thailand over possible violation of the Computer Crime Act of 2017.

Chaiwut also said the leaked information did not appear to contain sensitive data, such as medical records. He believes the information gathered by the hackers may have been taken from agencies or companies that have substandard cyber-security systems.

Chaiwut also warned that releasing other people’s personal information is a criminal offence and can result in five years in prison and/or a fine of up to 1 million baht.

Meanwhile, according to The Matter website, this is not the first time that the personal information of Thai residents has been stolen.

In February last year, the data of 23,000 students was hacked and sold. In November last year, the private information of doctors and patients of Phetchabun Hospital was stolen and put on sale on the Raid Forum website.