An unsecure Elasticsearch database containing the personal data of 106 million visitors to Thailand was discovered on August 22, 2021 by Bob Diachenko, a cybersecurity researcher at Comparitech.
According to Infosecurity Magazine, the database was publicly accessible, and contained “full names, arrival dates, gender, residency status, passport numbers, visa information and Thai arrival card numbers” dating back to 10 years ago.
In a surprising twist, the data breach hit close to home as the cybersecurity researcher stumbled upon his own personal data in the database.
While researchers were unable to determine how long the data had been exposed for, Thai authorities acted swiftly to secure the database within 24 hours of receiving word of the vulnerability. As a second line of defense, the index has been replaced with a digital booby trap such that any visitor who attempts to access the database is shown the message, “This is a honeypot, all access were logged [sic].”
According to the report, “any foreigner who traveled to Thailand in the last decade or so probably has a record in the database.” With Dasera, Thai authorities could have prevented this vulnerability by detecting and correcting database misconfigurations, to protect the privacy of these impacted individuals.