Hospital hack prompts call for cooperation

Hospital hack prompts call for cooperation

16m patient records may be compromised

The Cyber Crime Investigation Bureau is seeking cooperation from the kingdom's international partners, including the United States, to investigate the hacking of a patient database at Phetchabun Hospital.

A security breach was reported early this week after a user on, a database sharing and marketplace discussion forum, on Sunday claimed to be selling 16 million patient records that were stolen from the Public Health Ministry.

The ministry later clarified that data was stolen from Phetchabun Hospital when its servers were breached. Data for over 10,000 patients was stolen by the hacker, the hospital said.

Attempting to quell concerns over the matter, the hospital insisted the hacked data only contained general and primary information provided by patients, noting the stolen data did not contain any medical or diagnostic information.

Meanwhile, the Bhumirajanakarindra Kidney Institute Hospital recently revealed that 40,000 of its patient records were stolen and its data system was damaged during a security breach, resulting in the hospital being unable to access its X-ray archive.

Thirachai Chantharotsiri, director of the hospital, said the facility received a phone call from a foreigner who claimed to have important information about the hospital's database and tried to negotiate for a payment.

The hospital lodged a complaint with police on Wednesday.

The CCIB said its preliminary investigation showed that a group of Indian hackers was behind the security breach at Phetchabun Hospital, and it was using a server in Singapore.

The group was also likely behind the hacking of a computer system at a hospital in the Northeast and that of Krungthai Bank, the CCIB had said earlier.

However, Pol Lt Gen Kornchai Klayklueng, commissioner of the CCIB, on Thursday said more recent information indicates the hackers were operating in the US.

The CCIB will seek cooperation from US authorities and other international agencies to track them down.

He said the initial findings suggest Phetchabun Hospital downloaded a free content management system (CMS) programme without setting a proper IP address, and that opened a way for hackers to enter.

Breaches in other state and private agency databases are likely to be associated with the compromised CMS programme, Pol Lt Gen Kornchai added.

He said the number of victims in this case is likely to be higher than that reported by the media as the CCIB has found stolen records being sold on the discussion forum.

Minister of Digital Economy and Society Chaiwut Thanakamanusorn said the ministry will tell state agencies to be more aware of the importance of data protection and boost measures in the wake of the breaches.

He said that the Cybersecurity and Computer Crime Acts are key legal tools in dealing with cyber security threats.

Do you like the content of this article?

Economy set to expand despite global recession

Thailand is expected to eke out annual economic growth of about 3% over the next two years despite a looming global recession, says Bangkok Bank economist Kobsak Pootrakool.


Submarine engine plan up in the air

The navy has not yet decided whether to replace a German engine that was supposed to power the S26T Yuan-class submarine it is in the process of buying with a Chinese-made engine or to terminate the purchase contract.


Thai spikers look to continue hot run, reach quarter-finals

Thailand begin their second-round campaign against Canada at the FIVB Women's World Championship on Tuesday as they aim to reach the quarter-finals.