Thailand’s Largest Telco Leaks 8.3 Billion User Data, Insists Its Not Serious

Absolute farce, when a telco inadvertently leaks user data and tells the public ” its okay the information is not sensitive or valuable” these company’s need to realise that a leak is a leak and that their system is not fool proof. They need to understand that what is not sensitive today could be harmful tomorrow.

So when Thailand’s largest mobile phone network – Advanced Info Service (AIS) denied reports of a user data leak, saying the data was a test to improve its network, many of its users were not too happy.

Its public relations chief, Saichon Sapmak-udom, said the data only painted an overall picture of internet usage without disclosing the personal or sensitive information of its users.

“It is not personal data of our users. None of our customers have been affected, there is no financial damage,” she said in a statement.

The data leak actually came to light after a security researcher claimed a massive database of 8.3 billion real-time internet records of AIS users was leaked online.  The database was secured on May 22.

In a blog post, security researcher Justin Paine said the database, likely controlled by AIS subsidiary Advance Wireless Network (AWN),  contained a combination of DNS queries (a demand for information sent from a user’s computer – DNS client to a DNS server) and NetFlow data (a network protocol developed by Cisco for collecting IP traffic information and monitoring network traffic).

“It (database) does not contain sensitive data such as passwords, however it can identify which websites the user accessed and apps they used.

“Using this data, it is quite simple to paint a picture of what a person does on the Internet,” he said. Paine said the database was first publicly accessible on May 1 and he only discovered it on May 7. He said he alerted AIS on May 13 on the leak of database, but  failed to get the database secured after a week.

Later, he alerted Thailand’s computer emergency response team, Thailand National CERT team (ThaiCERT) which able to make contact with AIS and got the database secured.

“Over the course of the roughly three weeks, the volume of data exposed has been growing significantly. The database was adding approximately 200 million new rows of data every 24 hours.

“Approximately 8.3 billion documents and a total of 4.7 terabyte (TB) of information were stored in the database,” he added.

Paine said with DNS query logs, a single source IP address, it is possible to determine the type of devices on users’ network, and the social networks they frequent  – Google, YouTube, Facebook, TikTok, Line (a chat application).

Now in my books these are extremely sensitive information, if under AIS protocols this constitutes as not serious or cause for concern, then I don’t what is…lets just hope Malaysia does not have similar guidelines.

Share this post:

Leave a Reply

Your email address will not be published. Required fields are marked *