AIS plays down 8.3bn-record leak

AIS plays down 8.3bn-record leak

American publisher says data could 'quickly paint a picture' of a user

Advanced Info Service Plc, Thailand’s largest mobile operator, has denied its users’ data are compromised as reported by an American online technology publisher, saying the logs only show an overall picture of internet use, not personal or sensitive information of its customers.

Saichon Sapmak-udom, chief of public relations, told Thai media the revelation by TechCrunch was a result of a test this month to improve its network.

“We insist no customer data are compromised, financial or anything else,” she said.

She added AIS valued customers’ privacy and had always complied with the highest international privacy standards.

TechCrunch, which was acquired by online service provider AOL 10 years ago,  reported on Monday AIS had pulled a database offline after 8.3 billion realtime internet records of millions of Thai users were leaked.

The article quoted security researcher Justin Paines, who blogged he had found a server of AWN, one of AIS’ subsidiaries, left exposed to the internet without authentication. It contained the database with DNS queries and Netflow data.

DNS queries are demands sent from a user's device to a DNS server asking for the URL of the website he wants to access. The process happens transparently behind the scene every time a user clicks a link and types a URL.

"DNS queries don’t carry private messages, emails, or sensitive data like passwords, they can identify which websites you access and which apps you use... But that could be a major problem for high-risk individuals, like journalists and activists, whose internet records could be used to identify their sources" read the article.

Advertisers also find DNS data valuable for serving targeted ads.

Netflow data contain the IP flow information of a network. They contain IP addresses, dispensed by ISPs, and if mapped with usage records kept by them, can identify a device.

With access to the database, Mr Paine said that anyone could “quickly paint a picture” about what an internet user or their household does in realtime, the kind of devices they owned, which antivirus they ran, and which browsers they used, and which social media apps and websites they frequented.

He claimed to have alerted AIS about the database on May 13 but received no response after seven days. He then told Thailand’s national computer emergency response team (ThaiCERT) on May 21 and the database was inaccessible shortly later.

“Interestingly enough, AWN had this DNS dashboard saved with a filter specifically looking at Facebook traffic. It's unclear why they would be particularly interested in who was going to Facebook,” Mr Paines wrote.


Do you like the content of this article?
COMMENT (7)

Coming home

American basketball star Brittney Griner released in a prisoner swap with Russia for notorious arms dealer Viktor Bout, who was arrested in Thailand in 2008 and later jailed in the US.

8 Dec 2022

Koreans about to become one year younger

SEOUL: South Korean lawmakers have approved a measure that would revise the way the country tallies a person’s age, ending a system that counted newborns as a year old and meaning that most of its citizens are about to get younger.

8 Dec 2022

Bangchak to make jet fuel from used cooking oil

The SET-listed energy conglomerate Bangchak Corporation plans to make biofuel for aircraft, also known as sustainable aviation fuel (SAF), from used cooking oil through a joint venture with a 200-million-baht budget, in a move to cut carbon dioxide emissions.

8 Dec 2022