Minister calls urgent cybersecurity talks after leak of 13m e-commerce accounts

[rooster59]

Minister calls urgent cybersecurity talks after leak of 13m e-commerce accounts

By The Nation

 

Buddhipongse Punnakanta

 

The digital minister has asked experts to help plug gaps in e-commerce security after netizens discovered personal data from more than 13 million accounts up for sale on an underground website. The discovery earlier this week prompted widespread criticism of Thailand’s e-commerce data protection system.

 

 

Digital Economy and Society (DES) Minister Buddhipongse Punnakanta said the stolen data includes names, telephone numbers, email addresses, and transactions of customers who made purchases through Lazada, Facebook, Line, Shopee and other platforms in 2018.

 

The ministry contacted Lazada Thailand, who confirmed that the data was not leaked from its own system. Lazada said it is now investigating the source of the breach.

 

The DES minister has invited cyber experts from the Electronic Transactions Development Agency (ETDA), the National Cybersecurity Commission and all e-commerce platforms for talks early next week on ways to prevent the hacking and leaking of consumer data.

 

Puttipong said the DES ministry prioritises the security of personal information and was coordinating with all relevant agencies in a bid to combat the rising threat from cybercriminals.

 

Source: https://www.nationthailand.com/news/30398308?utm_source=category&utm_medium=internal_referral

 

-- © Copyright The Nation Thailand 2020-11-21

 

- Whatever you're going through, the Samaritans are here for you

- Follow Thaivisa on LINE for breaking COVID-19 updates

[Hayduke]

5 minutes ago, rooster59 said:

The discovery earlier this week prompted widespread criticism of Thailand’s e-commerce data protection system.

 

Thailand has an e-commerce data protection system....? Really...?

 

 

Edited November 20, 2020 by Hayduke

[Pravda]

5 minutes ago, rooster59 said:

The ministry contacted Lazada Thailand, who confirmed that the data was not leaked from its own system. Lazada said it is now investigating the source of the breach.

 

I don't believe you. 

[ThailandRyan]

They need to hire a few of those Digital Nomads that reside here, give them a work permit and a work visa, allow them to work side by side with DSI, cybersecurity, and ECDPS.  That would make a few individual White hats happy.  Life will then be like it is in the rest of the world.  But then TIT and it is the center of the Universe where they are the smartest people in the world they live in and everyone else is below them.

[HaoleBoy]

8 hours ago, ThailandRyan said:

They need to hire a few of those Digital Nomads that reside here, give them a work permit and a work visa, allow them to work side by side with DSI, cybersecurity, and ECDPS.  That would make a few individual White hats happy.  Life will then be like it is in the rest of the world.  But then TIT and it is the center of the Universe where they are the smartest people in the world they live in and everyone else is below them.

I doubt that will help much.  Most of these "digital nomads" are bloggers / vloggers, front end (web sites), and gamers.  Cybersecurity is a very specialized field that pays very well.  I doubt you'll find someone like that hanging out in Thailand.

Edited November 21, 2020 by metisdead
Please do not modify someone else's post in your quoted reply, either with font or color changes or wording.

[Mr Meeseeks]

2 hours ago, HaoleBoy said:

I doubt that will help much.  Most of these "digital nomads" are bloggers / vloggers, front end (web sites), and gamers.  Cybersecurity is a very specialized field that pays very well.  I doubt you'll find someone like that hanging out in Thailand.

I know at least two Westerners employed by large Thai companies in cybersecurity. 

 

One works for a Thai Bank as Head of cybersecurity. 

[trainman34014]

No big surprise is it when they have a Gang of Criminals running the country and useless Muppets in every Government Department; all only in their overpaid positions and only interested in personal gain.    What the majority of them know about the 'jobs' they are supposed to be doing could be written on the back of a postage stamp !

[Traubert]

28 minutes ago, trainman34014 said:

No big surprise is it when they have a Gang of Criminals running the country and useless Muppets in every Government Department; all only in their overpaid positions and only interested in personal gain.    What the majority of them know about the 'jobs' they are supposed to be doing could be written on the back of a postage stamp !

Nice Thai bashing.....

[rkidlad]

7 minutes ago, Traubert said:

Nice Thai bashing.....

Are you saying this government isn’t a bunch of incompetent crooks? 

[Colabamumbai]

Got 5 alerts last week accounts compromised. 

[Flying Saucage]

6 hours ago, Hayduke said:

7 hours ago, rooster59 said:

The discovery earlier this week prompted widespread criticism of Thailand’s e-commerce data protection system.

 

Thailand has an e-commerce data protection system....? Really...?

 

Does Thailand have ANY data protection systems, except blocking websites like Pornhub? ????

 

[Megasin1]

its a sign of the times and not just a Thai problem, but certainly a worry for Thailand when they are trying to encourage people with money to invest, but once again "don't invest in Thailand what you aren't willing to lose". If you ever think that your data is safe in a third world country's hands then think again.

When all the banks moved their call centres to India the call centre staff were selling customers data onwards. You can't afford all those iphones and a nice standard of living on a data handlers salary. It just sounds like in this case 1 or 2 data handlers fancied a merc or 2. The only difference between a hacker or a data seller and the social network and shopping companies is that the companies sell and use your data with "style" and make a damned more money out of it. Unfortunately the data sellers also pass on your data to anyone with a buck, so you are in more danger, but whichever way you look at it someone is looking at you ????

[berrec]

Look and objective view; take at look at most Thailand government software solutions they leave a lot to be desired.

 

 When users point out operational and functional flaws in their systems it is mostly meet with deadly silence. 

 

Private industry software solutions here are a little better mostly because many appear to be cloned industry specific solutions reconfigured for Thais.

 

If Thailand's 4.0 technology strategy and goals were really in place in both government and industry and less on a vision and mission statement maybe the cyber hacking of systems COULD be mitigated.

 

Bur that said, when large international companies like LinkedIn eBay, Adobe, Marriott, Yahoo,T-Mobile, Google, Facebook and a a string of others are hacked it can happen to any organization.

 

All software systems are vulnerable to hacking that's just a fact of life; the real challenge is cyber security investment and protection.

 

I often compare investment in software cyber security solutions to that of vehicle insurance policies; buy a tier 1 policy and you get what you pay for.   

 

The organizational executive decision is how much are you prepared to invest in your organization's cyber security resources (hardware, software and personnel) to protect your company's assets and your associated  user's information.

 

The old cliche; you pay peanuts you get monkeys. 

 

[Destiny1990]

How about 20 photocopies documents of this and that etc just for a simple tourist visum extension ? Is that system still watertight? ????????????

[b2bme]

It's not just Thailand! Singapore had the same data breach with Lazada, Red Mart and a few others about 6 weeks ago. 

[DirtyHarry55]

In other articles they make it sound like the leak came from Lazada

but seems data has been leaked from a number of online shopping platforms so I suspect the Leak is from a Payment Gateway
so now which gateway could that be? Credit Card or perhaps even the Governments own payment Gateway how do they call it now??
I guess the question will be answered very soon tongue in cheek lol.

 

[Cake Monster]

Thailand is always banging on about its ability to use cashless payment systems, and its Digital Economy.

Like everything else, there is only about a 75% chance of anything doing what its supposed to do, and with something like this, 75% just does not cut it..

 

[chilli42]

8 hours ago, HaoleBoy said:

I doubt that will help much.  Most of these "digital nomads" are bloggers / vloggers, front end (web sites), and gamers.  Cybersecurity is a very specialized field that pays very well.  I doubt you'll find someone like that hanging out in Thailand.

Time to bring in the Russians or North Koreans.

[chilli42]

10 hours ago, rooster59 said:

The DES minister has invited cyber experts from the Electronic Transactions Development Agency (ETDA), the National Cybersecurity Commission and all e-commerce platforms for talks early next week on ways to prevent the hacking and leaking of consumer data.

Never bring a knife to a gun fight.

[tandor]

10 hours ago, rooster59 said:

Minister calls urgent cybersecurity talks after leak of 13m e-commerce accounts

By The Nation

 

Buddhipongse Punnakanta

 

The digital minister has asked experts to help plug gaps in e-commerce security after netizens discovered personal data from more than 13 million accounts up for sale on an underground website. The discovery earlier this week prompted widespread criticism of Thailand’s e-commerce data protection system.

 

 

Digital Economy and Society (DES) Minister Buddhipongse Punnakanta said the stolen data includes names, telephone numbers, email addresses, and transactions of customers who made purchases through Lazada, Facebook, Line, Shopee and other platforms in 2018.

 

The ministry contacted Lazada Thailand, who confirmed that the data was not leaked from its own system. Lazada said it is now investigating the source of the breach.

 

The DES minister has invited cyber experts from the Electronic Transactions Development Agency (ETDA), the National Cybersecurity Commission and all e-commerce platforms for talks early next week on ways to prevent the hacking and leaking of consumer data.

 

Puttipong said the DES ministry prioritises the security of personal information and was coordinating with all relevant agencies in a bid to combat the rising threat from cybercriminals.

 

Source: https://www.nationthailand.com/news/30398308?utm_source=category&utm_medium=internal_referral

 

-- © Copyright The Nation Thailand 2020-11-21

 

- Whatever you're going through, the Samaritans are here for you

- Follow Thaivisa on LINE for breaking COVID-19 updates

...you mean you sold the 'gaps' to the highest bidder.

[rkidlad]

Lazada is an awful website with an awful layout. Don’t you just love when you type something in and it says “we’ve detected some unusual activity” so you have to slide the bar. And then is often the case you have to keep sliding the bar ‘til you’ve done it perfectly. And then, to top it all off and p*** you off some more, you have to reenter what you typed in in the first place. 
 

A website like Amazon is far superior in every way. 

Edited November 21, 2020 by rkidlad

[ThailandRyan]

1 hour ago, Destiny1990 said:

How about 20 photocopies documents of this and that etc just for a simple tourist visum extension ? Is that system still watertight? ????????????

Probably out back with the soi dogs near the garbage ???? so anyone could find them.  Amazing Thailand.  I think they know their computer systems are hackable and are worried if they digitize the paperwork a foreigner will Hackman and mysteriously upload more papers to their file so that they can not get rejected.

[RJRS1301]

11 hours ago, Hayduke said:

 

Thailand has an e-commerce data protection system....? Really...?

 

 

Seems so, but it isn;t terribly effective it appears. 

[Sean60]

I wonder if this guys can do anything correct? I am waiting and waitingggg and waitingggggggg

[sammieuk1]

Could be overrun with Nigerian princes any day now ????

[Destiny1990]

45 minutes ago, ThailandRyan said:

Probably out back with the soi dogs near the garbage ???? so anyone could find them.  Amazing Thailand.  I think they know their computer systems are hackable and are worried if they digitize the paperwork a foreigner will Hackman and mysteriously upload more papers to their file so that they can not get rejected.

Including clear map to our houses, signed copies all our  bank accounts statements , signed copy of our passports , our mobile phone numbers, email adresses, .. no thanks no more visa extensions for me..

[hotchilli]

5 hours ago, Flying Saucage said:

 

Does Thailand have ANY data protection systems, except blocking websites like Pornhub? ????

 

I use my own when purchasing from Lazada... it's called C.O.D

[Bangkok Barry]

How many times have we read of data breaches? Dozens, involving even the biggest companies in the world. Their claim that they take the security of our information very seriously isn't worth anything at all. I've read many times also that the situation is far more serious than most of us hear about, as hackers hold companies to ransom and who knows how much has to be handed over to the cyber-criminals to avoid 'embarrassment'.

[ThailandRyan]

1 hour ago, Destiny1990 said:

Including clear map to our houses, signed copies all our  bank accounts statements , signed copy of our passports , our mobile phone numbers, email adresses, .. no thanks no more visa extensions for me..

It is a very scary proposition isn't it.  You wonder if any of the foreign Embassies have even broached the subject with the Thai Government about how all of our information is available for anyone within immigrations grasp, and not secured.  When I obtained my extension last month, the stacks of paperwork were just sitting on desks with no one around.

[SuwadeeS]

I believe that is not the real reason.

 

I do believe, that they only copy the Chinese style of spying on the citizens.