A post on a dark web forum has surfaced, alleging that Thai telecommunications company TOT Public Company Limited has suffered a significant data breach. The threat actor behind the post claims to have obtained sensitive information on hundreds of thousands of customers and internal company data. However, these allegations remain unverified, and there is no official confirmation from the company or cybersecurity authorities at this time.
The forum post asserts that the compromised data includes:
- Personal details of 679,000 subscribers, including full names, addresses, phone numbers, and the specific telecom services they use.
- 182,000 Thai ID card records with no duplicates.
- Information about dealers, sales figures, internal logs, employees, and company departments.
- Data related to SIM cards and other confidential records.
The threat actor has reportedly made the database available in MySQL CSV format, offering it for sale at a price of $400, with an escrow option for potential buyers. The post includes a sample dataset and a contact link for negotiations via Telegram.
TOT Public Company Limited is one of Thailand’s top telecom providers, reportedly generating $1 billion in revenue, according to ZoomInfo. The company offers internet, fiber, landline, and mobile services to customers across the country.
