Cyber Incident Victim: OpSingleGateway
Date:
Jan 2017
Location:
Thailand
Summary
Anonymous hacked a Thai government job portal, leaking sensitive data including officials' and job seekers' personal details, payment information, bank accounts, emails, and encrypted passwords. The breach affected multiple departments, with stolen databases published on the dark web. While withholding identifiers like ID numbers and addresses to avoid harming citizens, the group framed the attack as part of OpSingleGateway—a sustained campaign protesting internet surveillance laws. This operation previously targeted the nation's police, telecom providers, consulates, and military entities to challenge online censorship. Anonymous emphasized their intent to expose governmental overreach rather than exploit individuals, urging public resistance against digital monitoring policies.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On or around January 10, 2017, the hacktivist group Anonymous breached multiple Thai government job portals under the *go.th domain, leaking sensitive data from departments including the Revenue Department, Administrative Court, Fine Arts Department, and Ministry of Foreign Affairs. The attackers exfiltrated databases containing names, surnames, employer application details, payment records, phone numbers, bank account numbers, email addresses, and encrypted passwords. They publicly disseminated the data on dark web portals, structuring it across multiple download links. Analysis confirmed the data’s authenticity, as it had not previously been exposed online. Anonymous deliberately withheld certain personal identifiers—including job seekers’ ID numbers, home addresses, and parental names—stating their objective was to oppose the "Thai Regime" rather than harm citizens. The group characterized the attack as part of Operation OpSingleGateway, an ongoing campaign initiated in 2015 to protest Thailand’s internet surveillance laws.
The breach impacted thousands of individuals, though the leaked data represented only 1% of the total stolen files, indicating a significantly larger compromise. Affected systems included subdomains assigned to each government department, specifically targeting the job application infrastructure. Anonymous cited motivations tied to human rights advocacy and public awareness, emphasizing their historical targeting of Thai government entities such as the Royal Navy, police, telecom providers, and consulates. No containment measures or official responses from Thai authorities were documented in the source material at the time of reporting. The data remained publicly accessible for download following the disclosure, exposing victims to financial fraud and identity theft risks due to the inclusion of bank account and payment details. This incident marked a continuation of Anonymous’s sustained cyber campaign against Thai internet regulation policies.