The biggest data breaches in Southeast Asia

Major data breaches in Southeast Asian countries evidence the region's weaknesses in the areas of cybersecurity and data protection.

1 2 Page 2
Page 2 of 2

Airlines around the globe are becoming  attractive targets for hackers, as recent attacks on Singapore Airlines, Malindo Airways, British Airways, and Cathay Pacific show us.

On July 2016, 410,000 clients of Vietnam Airlines saw personal information compromised after the national flag carrier’s website was subject to a cyberattack by self-proclaimed Chinese hackers.

The data stolen, which was then leaked on the internet, belonged to VIP members of the airline’s Lotusmiles scheme. It included names, birthdays and addresses.

The attack, believed to be politically motivated, also affected flight information displays and speaker systems at Tan Son Nhat International Airport and Noi Bai International Airport, the country’s biggest airports.

Intercepted screens showed derogatory messages in Chinese against Vietnam and the Philippines in their territorial row against China in the South China Sea.  

Banks raised concerns in the aftermath of the data breach about the use of the leaked information to steal their clients’ money, as many Lotusmiles members had used bank cards to complete transactions with the airline.

Thailand, March 2016: Expats data compromised

Late on a March Sunday afternoon, social media users noticed that a database containing the names, addresses, job titles and passport numbers of more than 2,000 foreign nationals living in Thailand’s southern province was widely available online.

The website where the information was published carried the Thailand immigration police seal but used a private Thai web address, which is not usually associated with government sites. The data was openly accessible without a password and some users even guessed the administration password, which unsurprisingly was 12345.

The site also featured a digital map pinpointing the expats’ location and their personal details, making it a cause for worry to hundreds of foreigners living in the southern region of the Asian country.

When authorities ordered to take down the website on the following Monday, it was already too late: the site’s existence had gone viral and it had become another stain in the government’s cybersecurity record, which in 2016 had seen the websites of the police, courts and correction departments hacked.  

Thai Netizens, a digital advocacy group, tracked down the website's owner, a developer called Akram Aleeming, who later posted a statement on Facebook saying the site had mistakenly been made public during testing stages. According to his statement, the immigration police had commissioned the website.

Philippines, March 2016: “The biggest government data breach in history”

On 27 March 2016, 55 million voters in the Philippines were subject to what’s been deemed the “biggest government data breach in history” after the entire database of the Commission on Elections (Comelec) was hacked and leaked.

Behind the attack was a group self-named Anonymous Philippines. Following the breach, a second hacker group, LulzSec Pilipinas, posted the database online and since then it has been widely shared by others.

Anonymous Philippines is a hacktivist community likely to be connected or inspired by the global Anonymous hacker network, which has rallied supporters in over 20 countries globally against government corruption and internet censorship.

Among the data stolen from Comelec, which was distributed on both the dark and clear web, were 228,605 email addresses and 1.3 million passport numbers of overseas Filipino voters and 15.8 million fingerprint records.

Other information contained within the breach included postal addresses, place of birth, height, weight, gender, marital status and parents' names. Although dates of birth and names were encrypted, the rest of the data wasn’t.

What can CIOs in the region do to prevent data breaches?

Unfortunately, data breaches in ASEAN - and worldwide - are expected to increase not only in the volume of data records but also on the value of the information stolen. Behind these attacks, say A.T. Kearney analysts, are no longer garage hackers but criminal organisations and well-funded nation-state actors with financial or geopolitical motives.

To avoid your organisation ending up on this list (or getting a formal warning, as it was the case of L’Oreal Singapore this month), A. T. Kearney’s Hari Venkataramani (partner, Southeast Asia), Carlos Oliver Mosquera (director, Southeast Asia) and Nikolai Dobberstein (partner, head of communications, media and technology APAC) recommend putting cybersecurity efforts where the risks are, rather than focusing purely on compliance. They also advise CIOs to work with their peers and with government agencies to share region-specific threat intelligence and know-how.

“We advise to promote wider collaboration within and across sectors to share region-specific threat intelligence and cybersecurity know how,” Venkataramani, Mosquera and Dobberstein added. “This can be greatly facilitated by government institutions, so we make a call to both CIOs and CISOs from the private sector and cybersecurity agencies to promote public-private collaboration partnerships.”

Copyright © 2020 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
How to choose a SIEM solution: 11 key features and considerations