AIS Suffers Data Leak: 8 Billion Thai Records Exposed

Thailands largest cellphone network, AIS, has suffered from a data leak. The leak exposed a massive 8 billion records.

We got yet another data leak to report on; and this time, it’s a big one. Thailand’s largest cell phone network, AIS, has suffered from a data leak. The leak exposed a massive 8 billion records on the people of Thailand. Security researcher, Justin Paine, discovered the data leak and attempted to contact AIS without success. From TechCrunch:

Security researcher Justin Paine said in a blog post that he found the database, containing DNS queries and Netflow data, on the internet without a password. With access to this database, Paine said that anyone could “quickly paint a picture” about what an internet user (or their household) does in real-time.

Paine alerted AIS to the open database on May 13. But after not hearing back for a week, Paine reported the apparent security lapse to Thailand’s national computer emergency response team, known as ThaiCERT, which contacted AIS about the open database.

The database was inaccessible a short time later.

AIS spokesperson Sudaporn Watcharanisakorn confirmed AIS owned the data, and apologized for the security lapse.

“We can confirm that a small amount of non-personal, non-critical information was exposed for a limited period in May during a scheduled test,” said the spokesperson.

“All of the data related to Internet usage patterns and did not contain personal information that could be used to identify any customer,” said the spokesperson. “On this occasion we acknowledge that our procedures fell short, for which we sincerely apologise.”

But that isn’t true.

DNS queries are a normal side-effect of using the internet. Every time you visit a website, the browser converts a web address into an IP address, which tells the browser where the web page lives on the internet. Although DNS queries don’t carry private messages, emails, or sensitive data like passwords, they can identify which websites you access and which apps you use.

TechCrunch went on to say that this is extremely problematic for high-risk individuals like journalists and activists operating in the country.

In terms of total records, this represents what is technically the second largest leak we’ve seen all month. That title is still held by adult streaming site Cam4 which accidentally exposed 10 billion records. However, an argument can easily be made that this is technically worse because, chances are, the quality of the records are much better. Researchers pointed out that the Cam4 data leak likely had duplicate information on similar users. Such a thing is going to be less likely to occur in a leak like this. So, this very well could be the worst data leak we’ve seen all month. This is not to say that Cam4 didn’t contain potentially compromising information, of course. Both are really bad. This is just a question of which one could be technically worse.

May has been quite ugly on the security front. It’s gotten so bad that we are, at this stage, better off expressing the security incidences we’ve seen in a list:

It’s getting to the point now where this feels like a lifetime worth of security incidences. This is all the incidences we’ve reported on just this month alone. At this point in time, we actually legitimately believed that we have finally reported on all the big ones, then this massive Thailand leak proved not only that we haven’t, but we haven’t even seen what could be the worst one yet this month. All we can do is just shake our heads at all that carnage. This is seriously getting ridiculous at this point.

Drew Wilson on Twitter: @icecube85 and Facebook.



Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: