Jump to content
reader

Massive leak of TrueMove phone data

Recommended Posts

Posted

From Nation Multimdia

 

Personal info at risk as TrueMove H customer data found in online folder

 

THE National Broadcasting and Telecom Commission (NBTC) has sought an urgent meeting with executives of TrueMove H, one of the country’s three major mobile phone operators, to question a probable massive leak of customers’ personal data.

The likely leak, including individuals’ ID cards and passport numbers, was first reported by Blognone, an online technology news service, when Niall Merrigan, a cyber-security researcher, said he had found the data under the folder name of Truemoveh/idcard with unrestricted access on the cloud storage facility of Amazon Web Service.

 

The 32-gigabyte folder contained multiple years of personal data of TrueMove H’s customers in Thailand, including those from 2016 (14.5 gigabytes), 2017 (8.3 gigabytes) and 2018 (2.2 gigabytes).

 

The folder shows a large quantity of personal ID card data, including photos and 13-digit numbers that were apparently used when customers first signed up with TrueMove H. The passport details of foreign customers in Thailand was in the folder, too. Due to its unrestricted access on the cloud-based data storage facility, such a massive data could be abused by unscrupulous people, affecting a large number of people in Thailand.

 

TrueMove responded to Merrigan’s alert on the possible data leak on Tuesday and managed to restrict access to the folder which stored its customers’ private data.

 

Takorn Tantasith, secretary-general of NBTC, said TrueMove H must explain during the April 17 meeting with the regulatory agency what happened to its customers’ personal data. There was a risk that a large number of individuals’ private ID card data could have been compromised due to it being stored in an unsecured way, he said.

 

http://www.nationmultimedia.com/detail/national/30343191

Posted

Can we now really trust any company/organisation to keep our data safe? As importantly how can we get them to obey our stated wishes?

 

I was a member of Linked In for a few years. I thought it might be useful for business purposes. It wasnt. So five years ago I deleted the account. Since then I have had at least 40 requests from Linked In members to be a friend or link or whatever they call it. The last was just two weeks ago. Worse, one from from a close friend who died four years ago. Having cancelled the account I now cannot get in in order to tell the organisation to stop sending me useless emails. I suppose to them I remain a number to justify their total member count.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...