Thailand 3.8m user info

The Thailand 3.8m user info leak occurred in 2023, affecting nearly 4 million users. The leakage occurred due to a vulnerability in an open-source software used by a mobile network operator in Thailand. The software, called Syniverse, is a communication platform used for SMS and voice messaging.

The attackers exploited a misconfigured Syniverse server, which allowed them to access the personal information of millions of users. The leaked data includes users names, phone numbers, email addresses, passwords, and sensitive personal details such as National ID cards. The data is potentially valuable for cybercriminals, who can use it for phishing scams, identity theft, and other malicious activities.

It is uncertain how long the vulnerability remained unpatched, but it is believed that the attackers accessed the data directory without using valid credentials. The mobile network operator has since addressed the issue and has offered to notify the affected users. However, with millions of users affected, it may take time to reach out to each individual.