The Desorden hacker group has claimed responsibility for a significant data breach at AIS Thailand, one of the country’s largest telecommunications service providers.
While AIS Thailand has not officially confirmed the cyberattack, Desorden asserts that they successfully exfiltrated 198GB of sensitive client data. This data breach, which occurred in August, involved the infiltration of AIS PBX server systems, leading to the theft of various types of data, including voice recordings, incoming and outgoing call records of corporate clients, and information from prominent companies like DHL and Unilever.
Desorden, a group that has a history of conducting cyberattacks, used a hacker forum to announce their involvement in the AIS Thailand cyberattack. They detailed the breach on the publicly listed company, AIS Thailand, and posted samples of the stolen data on the forum.
Additionally, they claimed that AIS had experienced a data breach in 2020, although this claim remains unverified. This breach raises concerns about the security of sensitive client data and highlights the need for robust cybersecurity measures.
In the past, Desorden has targeted various organizations, including The Icon Group in Thailand in 2022, resulting in the theft of Know Your Customer (KYC) information from approximately 70,000 customers.
Furthermore, in 2021, Centara Hotels & Resorts in Thailand fell victim to two separate hacking incidents orchestrated by Desorden, leading to the compromise of 400GB of files containing personal customer data. Desorden’s track record of cyberattacks underscores the importance of organizations prioritizing cybersecurity to protect against such threats.