The Royal Thai Police Cyber Crime Investigation Bureau (CCIB) yesterday (Sept 9) announced the update to their investigation of a data breach by hackers of a hospital, an incident in a series of cyberattacks in Thailand reported in recent days.
The CCIB Commissioner Pol Lt Gen Kornchai Klaiklueng, said the group of hackers behind the attack was found to be located in the United States, following investigations that showed traces of the attack linked to India and a server in Singapore earlier, reports state news agency NNT.
The police are now coordinating with US agencies and other international agencies to help with the investigation.
The CCIB chief said other agencies and private firms, including CP Freshmart and several other hospitals, are now known to have been attacked by the same group. He said the CCIB is ready to assist with these cases if asked.
He said the CCIB will continue pursuing the case in order to arrest the persons responsible, while the unit will keep on focusing on the suppression of cyberattacks along with illegal online trades.
Since the CCIB’s conception last year, the bureau has already captured suspects in 2,472 cases of the illegal trading of goods on online platforms. The CCIB is also working to introduce an online case filing system, allowing victims of online abuse to report their cases from home or at a local police station, without visiting the CCIB in person.
The Ministry of Public Health (MOPH) on Tuesday announced it is pressing charges against the hacker who has obtained and sold personal data from a hospital database in Thailand.
The response from the Health Ministry came after an offer was posted on Sept 5 in an online forum to sell a set of data containing 16 million records hacked from a hospital in Thailand.
Deputy Permanent Secretary of Public Health Dr Thongchai Keeratihattayakorn said the investigation and initial damage assessment launched by the ministry shows the information leaked is a set of 10,095 patient records obtained from a hospital in Phetchabun province, including personal information such as names, addresses and phone numbers.
The leaked data also included hospital-related data such as shift rotations and appointment schedules. However, no information related to patients’ treatment is included.
Dr Thongchai said the ministry believes the hackers involved in the case are the same group as those behind the ransomware attack at Saraburi Hospital last year.
Dr Anan Kanoksilp, Director of the MOPH’s Information and Communication Technology Center, said the hospital in this case is found to be using an open-sourced application requiring internet connection as part of its IT system, creating vulnerability to cyberattacks.
To date, the hospital has disabled its connection to external networks, while its IT systems are still operational. The incident is also not a ransomware attack, where the hacker would encrypt the data preventing any access, and demand payment in exchange for the decryption key.
Dr Suttipong Wacharasindhu, Deputy Secretary General of the National Health Security Office, commented that health-related personal information must be treated as confidential.
The exposure of such information causing damage is considered a breach of personal rights, an offense punishable by the National Health Act with up to six months imprisonment, a B10,000 fine, or a combined penalty.
Deputy Prime Minister and Minister of Public Health Anutin Charnvirakul said the ministry will be discussing the enhancing of cybersecurity measures, saying however that he believes each hospital already has adequate measures to safeguard patient information.