The personal data of 106 million international travellers to Thailand was found last month to have been exposed online.

According to Comparitech, a cybersecurity research firm, the breach was quickly secured by Thai authorities.

The National Cybersecurity Agency (NCSA) likewise confirmed the incident, adding it had not detected any attempts to sell the data on underground websites. 

Comparitech indicated the database included full names, sex, passport numbers, arrival dates, visa types and residency status. 

According to the research firm, the database was indexed by search engine Censys on Aug 20. Comparitech discovered the indexing two days later and immediately alerted Thai authorities. 

Thai authorities secured the database on Aug 23. 

Database records run from 2011 to the present, meaning all who travelled to Thailand over the previous decade might have had their information exposed. 

According to Comparitech, Thai authorities responded quickly to the disclosure, although the research firm noted it did not know how long the data had been exposed prior to its being indexed.

Grp Capt Amorn Chomchoey, acting secretary general of the NCSA, told the Bangkok Post an ethical hacker informed authorities they should fix the issue. 

“We have checked, and as far as we know there is still no sale of data via underground web groups,” Grp Capt Amorn said. 

Meanwhile, a user on raidforums.com, a database sharing and marketplace forum, on Tuesday offered to sell 15 million data records involving emails, names, home addresses and phone numbers of those using e-commerce platform Shopee. 

Responding to the Shopee case, Grp Capt Amorn said his agency was working with the e-commerce company to verify whether there had been a data breach.