Local Thai agencies blamed for majority of state data breaches
Local administrative organisations (LAOs) have emerged as the primary culprits behind the most significant personal data leaks among state agencies, according to the Digital Economy and Society Ministry (MDES).
The MDES conducted an extensive review of 31,561 state-run units from last November to yesterday, August 27, uncovering a total of 6,086 instances of personal data breaches. Minister Prasert Jantararuangtong revealed that 6,081 units and agencies have been alerted and advised to implement corrective measures.
These checks were carried out by the Personal Data Protection Commission’s (PDPC) Eagle Eye Centre, which focuses on the surveillance of personal data misuse and violations.
Prasert highlighted a notable improvement in the frequency of data leakages at state-run units. The rate plummeted from 31% per month last November to just 1.6% by the end of July.
The LAOs were identified as the worst offenders, responsible for 2,850 out of the 6,086 cases. Moreover, there were 139 instances where officials from state-run units illicitly sold citizens’ personal data during the review period.
The Cyber Crime Investigation Bureau has actively pursued these breaches, leading to the arrest of 11 suspects linked to data theft charges.
The DES minister stated that the ministry has instructed the PDPC to raise public awareness regarding the Personal Data Protection (PDPA) Act and to persist in monitoring further data leaks by state agencies.
“These agencies must earn the public’s trust in their ability to safeguard personal information by adopting adequate legal measures.”
Prasert acknowledged that while there has been a general decline in personal data leaks, they remain prevalent within state agencies responsible for public services.
“The ministry has committed to a proactive stance against personal data abuse across both private and state sectors.”
Prasert warned that state agencies permitting such data leakages or abuse could face legal repercussions and fines under the PDPA law, reported Bangkok Post.
In related news, the Election Commission (EC) accidentally exposed the national ID numbers of over 23,000 candidates who had advanced to the district-level senatorial elections. The Personal Data Protection Commission (PDPC)’s Eagle Eye Centre sounded the alarm, revealing the EC Office had breached personal data protection laws.