Mastertech International Co., Ltd., a Thailand-based manufacturer and distributor specializing in time recording and attendance systems, has allegedly been compromised. A threat actor posted the dataset on a dark web forum, claiming the information was updated as of December 2025. The company, which primarily serves a Business-to-Business (B2B) market, is now facing the potential exposure of sensitive records linked to its internal systems or client databases.
According to the actor, the compromised data contains significant amounts of Personal Identifiable Information (PII). A sample of the SQL database provided by the attacker reveals highly specific personal details, suggesting the data may come from detailed HR or security identification records. The allegedly compromised data includes:
-
Full names (in both Thai and English)
-
National ID numbers
-
Dates of birth
-
Physical addresses
-
Phone numbers
-
Physical characteristics (Height and Weight)
-
Distinguishing marks (e.g., specific locations of scars)
-
System user logs and timestamps
