The Department of Older Persons (DOP) filed a complaint with the Cyber Investigation Bureau (CIB) on Wednesday following an alert about a personal data leak from the department's website.
Raemrung Worawat, the DOP director-general, said she had filed the complaint with the CIB and the Personal Information Protection Committee about the violation of the Personal Data Protection Act (PDPA). This step was taken on the order of Social Development and Human Security Minister Varawut Silpa-archa.
The order came after a report on Jan 22 by Resecurity, an American cybersecurity company, which revealed that personal identifiable information (PII) of Thai citizens found on the dark web was leaked from public sector platforms, including the DOP website, in January.
Regarding the DOP leak, the report said 19,718,687 rows of PII data, including names, addresses and ID numbers, were reported to have been compromised, as well as pictures of copies of ID cards and photos of people pictured with their ID card.
According to the report, the private data has been misused at least 14 times in cybercrime platforms, mostly to defraud consumers.
The report added the origin of this breach remains unidentified. However, the malicious cyber activities against Thai government agencies could indicate a growing trend of zeroing in on new targets.
Ms Raemrung said the ministry has asked experts and developers to assist in the investigation. The DOP is expected to prosecute any individuals found to be involved in the data leak, she added.
The DOP has instructed all responsible units to protect every PII in their database.
Ms Raemrung said the department has installed multiple systems to heighten information security and protection.
A closer monitoring of the data-safeguarding system is needed, with better security measures put in place, the department chief added.