Data of 106 Million Visitors to Thailand Breached

Written by

A British cybersecurity researcher stumbled across his own personal data online after discovering an unsecured database containing the personal information of millions of visitors to Thailand.

Bob Diachenko, leader of cybersecurity research at Comparitech, found the unprotected Elasticsearch database on August 22, 2021. Inside the 200GB digital index were records dating back ten years containing the personal details of more than 106 million international travelers.

Information exposed in the publicly accessible database consisted of full names, arrival dates, gender, residency status, passport numbers, visa information, and Thai arrival card numbers. 

Before the Covid-19 pandemic affected travel, Thailand was a popular tourist destination, drawing nearly 40 million visitors in 2019 alone. 

"Diachenko surmises that any foreigner who traveled to Thailand in the last decade might have had their information exposed in the incident," said Comparitech tech writer Paul Bischoff in a report on the data breach. 

"He even confirmed the database contained his own name and entries to Thailand."

Researchers at Comparitech were not able to determine how long the data had been exposed before it was indexed by the search engine Censys on August 20, 2021. 

Diachenko sent word of the data breach to Thai authorities, who secured the database within 24 hours. Thai authorities informed Comparitech that the exposed data was not accessed by any unauthorized parties. 

While the IP address of the database is still public, the index has been replaced with a digital booby trap. Visitors to the IP address who attempt to access the now secured database are presented with the message: “This is honeypot, all access were logged [sic].”

While no financial or contact information was included in the database, the data breach may be resented by impacted individuals.

"Any foreigner who traveled to Thailand in the last decade or so probably has a record in the database," reads the Comparitech report. 

"There are many people who would prefer their travel history and residency status not be publicized, so for them there are obvious privacy issues."

The breach follows a report in May in which Comparitech flagged the online exposure of more than 6,500 international visa applications by a visa assistance website for travelers to India.

What’s hot on Infosecurity Magazine?