A threat actor has claimed responsibility for a significant data breach targeting KintApp, a communication platform widely used by organizations in Thailand. According to a post made on a dark web forum, the breach compromised sensitive information from over 2,500 organizations, including prominent institutions such as the Thailand Constitutional Court, the Royal Thai Police Cadet Academy, and the Thailand Defense College.
The threat actor alleged that the stolen data includes users’ personal details such as identification numbers, email addresses, first and last names, and mobile phone numbers. While the authenticity of these claims has not yet been independently verified, the poster provided a sample of the stolen data to substantiate the breach.
KintApp, designed to facilitate communication for businesses, is popular among both private and public sector entities across Thailand.