DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Thai authorities still looking for “9Near” (Updated)

Posted on April 10, 2023 by Dissent

The case of the “9Near” hacker continues to make the news in Thailand.

The story began last month when someone offered to sell data on 55 million Thai citizens on BreachForums. Days later, and before there was any evidence of any sale, BreachForums was taken offline after police arrested the forum’s owner, “Pompompurin.”

Not to be deterred, the hacker posted information on a website, claiming that if the agency responsible for the data didn’t come forward, they would leak everything.

Days later, their messaging on the website changed. They claimed that the project had been stopped because of some conflict with an unnamed sponsor.

Stopped, but they still threatened that they would leak the data via a script “every 7 days for 10 years” if one was caught.

It was all very confusing and when the deadline came and went, there was no data leak. Then again, there was no site at that point, as the government had it blocked.

And all the while, the government was claiming that they did not know where the data came from.

This past week, however, things started heating up. The government announced that they knew who the hacker was and that he is a master sergeant second class in the army.  He has been named by some news sites there. Following proper procedures, the government reached out to the suspect’s commander to have the commander bring the master sergeant in for questioning.

But at the same time that the government was still denying knowledge of the source of the data, the police announced that the source was the Mor Prom application that was used for vaccination services during the pandemic but whose function was subsequently expanded. The program is under the Public Health Ministry.

Things took yet another twist in this story when we learned that the commander couldn’t seem to get in touch with the master sergeant, who is a truck driver. So on Saturday, national police chief Pol Gen Damrongsak Kittiprapas ordered the Cyber Crime Investigation Bureau to work with the army supervisor and judge advocate to bring him in for questioning. But we also learn that it was the sergeant’s wife, a nurse, who had access to the data. A summons was reportedly issued for her to come in to be questioned, but some Thai news sources report that she is now reportedly on the run with her husband. It is not clear exactly what her role was — whether she gave her husband login credentials or did something else. But to recap:

Neither the master sergeant nor his wife may have made any money out of all this, they both may be on the run, one arrest warrant may have been issued and one summons for the wife, and if and when they are caught, they may both face prison sentences for a number of charges.

And the data on the 55 million Thai citizens? Well, if you believe “9Near,” it may still be leaked, but whether 9Near or anyone else still has access to it is …. also unclear.

Update April 11:  Royal Thai Army suspends AWOL sergeant major turned cyberpunk after hacking 55 million Thais’ personal data

 

Related posts:

  • Confused about the drama with the new BreachForums? Reading this will either help you or make your head spin.
  • Suspected hacker “9Near” is ‘a soldier’
Category: Government SectorHackHealth DataInsiderNon-U.S.

Post navigation

← ‘Network disruption’ probed at California sheriff’s office
Data breach at Elmbrook School District exposed personal information about former and current employees →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.