Thai Public Health Minister Anutin Charnvirakul admitted today, September 7th, that the ministry’s database at Phetchabun Hospital under their supervision had been hacked.
His statement was followed by a social media page that posted a message yesterday, stating that there was stolen private data, including patients’ address, identification numbers, phone numbers, date of birth, hospital names, doctors’ information, and similar information, that was being sold on Raidforums.com. The hacker claimed to have data on millions of patients, however, Dr. Thongchai Keeratihattayakorn, deputy permanent secretary for public health, stated that only 10, 095 patients’ data had been stolen.
Dr. Thongchai also seemed to downplay the security breach at an earlier press conference, stating that the data taken was not as private as the hacker claimed. However, he did apologize for the incident and admitted that some information on patient’s symptoms were taken.
Anutin said he received an initial report and ordered related officials to investigate the case. The initial investigation revealed that the hacking process had taken place in the Phetchabun province. He also urged the public to stay calm while the officials were working on the case.
Meanwhile, the authorities would also take legal action against the hacker(s) as publishing such confidential information is a violation of the Computer Crime Act and Section 7 of the National Health Act.
“The culprit would be arrested and be taken to legal proceedings with the maximum penalties the law provides as such crime has tremendously caused damage and ruined the reputation of the ministry and patients,” he added.
Dr. Anant Kanoksilp, information technology director at the Public Health Ministry, stated that the attack was not an international ransomware attack and is believed to be domestic.
Follow us on Facebook,