%20(1).webp?w=1600&resize=1600,900&ssl=1)
A recent dark web post has thrust Thailand’s state-owned telecommunications provider, TOT Mobile, into the spotlight following claims of a significant data breach.
The post, first highlighted by cybersecurity watchdog @DailyDarkWeb, alleges the sale of 679,000 customer records and 182,000 national ID card details linked to TOT Mobile. ‘
While the company has yet to confirm the breach, authorities and cybersecurity experts warn the incident could exacerbate Thailand’s growing crisis of digital identity theft and financial fraud.
Breach Details and Immediate Risks
According to the post from DailyDarkWeb, the leaked dataset, priced at an undisclosed amount on a dark web forum, reportedly includes sensitive customer information such as full names, contact details, billing addresses, and government-issued identification numbers.
Threat actors often weaponize such data for phishing campaigns, SIM-swapping attacks, and fraudulent loan applications—a pervasive issue in Thailand’s rapidly digitizing economy.
Cybersecurity firm Resecurity noted that Thai citizens’ data has become a “high-value commodity” in underground markets, with breaches surging by 40% year-over-year since 2023.
The TOT leak follows a similar incident in January 2025 involving Oppo Thailand, where 165GB of customer and employee data was listed for sale.
TOT’s History of Operational and Security Challenges
TOT Mobile, now part of National Telecom following its 2021 merger with CAT Telecom, has long faced scrutiny over its cybersecurity posture.
The state-owned operator reported a $40.6 million loss in 2014 due to mismanagement and legacy infrastructure, and its restructuring plans emphasized cost-cutting over technological upgrades.
Analysts argue this underinvestment left critical systems vulnerable.
In 2018, TOT’s partnership with private firm True sparked a $2.9 billion arbitration dispute over breached service agreements, though no data leaks were reported at the time.
The current breach underscores systemic vulnerabilities in Thailand’s telecom sector, where rapid digital expansion has outpaced regulatory oversight.
Regulatory Response and Consumer Safeguards
Thailand’s Personal Data Protection Commission (PDPC) has launched an investigation, invoking Section 37 of the Personal Data Protection Act (PDPA), which mandates breach notifications within 72 hours.
The PDPC’s Eagle Eye Centre, tasked with dark web surveillance, is coordinating with the Cyber Crime Investigation Bureau to trace the leak’s origin.
Customers are advised to monitor financial accounts, enable multi-factor authentication, and report suspicious activity.
Meanwhile, cybersecurity experts urge TOT to conduct a full infrastructure audit, noting that unpatched API vulnerabilities—like those exploited in T-Mobile’s 2021 breach of 50 million records—remain common attack vectors.
As authorities work to mitigate the fallout, the incident highlights the urgent need for Southeast Asian nations to fortify critical infrastructure against state-sponsored and criminal hacking groups, which UNODC reports increasingly target telecoms for geopolitical and financial gain.
For TOT Mobile, restoring public trust will require transparency and sustained investment in modernized defenses.
Also Read:
%20(1).webp?w=1200&resize=1200,0&ssl=1&description=The%20post,%20first%20highlighted%20by%20cybersecurity%20watchdog%20@DailyDarkWeb,%20alleges%20the%20sale%20of%20679,000%20customer%20records%20and%20182,000%20national%20ID%20card%20details%20linked%20to%20TOT%20Mobile.%20'){kind=link}