Executives of True Corporation, Thailand’s mobile phone operator, went to the office of the National Broadcasting and Telecommunications Commission (NBTC) Tuesday morning to discuss the leak of customers’ personal information allegedly by hackers.
The executives who included Mr Suebsakul Sakolsattayathorn, managing director of Ascend Commerce, an affiliated firm of True Corp, and Mr Pakapong Pattanamat, deputy director of mobile business of True Crop, met for about one hour with NBTC secretary-general Takorn Tanthasit and Mr Prawit Leesathapruanga, acting NBTC commissioner.
The meeting followed a notification to True in March by Niall Merrigan, a Norway- based security researcher, that he was able to access to 32 gigabytes of True’s customers’ data, including their ID cards and passports, suggesting that the data had been hacked.
During the meeting, True executives reportedly told the NBTC that they suspected the personal files of 11,400 customers out of a total of about one million were hacked by very experienced hackers using special equipment.
However, they have already notified the 11,400 customers through short messages and that the company has fixed the leak . They also clarified that they did not notify the affected customers much earlier because they wanted to investigate the matter first but they promised to formally lodge a complaint with the police, according to informed sources.
After the meeting, Takorn told the media that it was still premature to blame True Corp for being at fault as the regulator would need to find more information about the case.
However, he said the case would serve a lesson for the NBTC to warn the other mobile phone operators to tighten up the security of their customers’ personal data.
In the longer term, he indicated that the NBTC might make use of the basic communication reserve fund for investment in its own database of mobile phone customers of all operators instead of the private sector keeping their own customers’ database.