Cyber Incident Victim: Royal Thai Police
Date:
Nov 2015
Location:
Thailand
Summary
Activist hackers associated with Anonymous claimed responsibility for breaching Royal Thai Police servers, leaking sensitive data including officer information and case evidence to protest Thailand's proposed single internet gateway initiative, which they alleged would enable government censorship. The group publicly released password-protected files and criticized weak security practices while authorities denied the intrusion occurred. This incident formed part of Anonymous' sustained #OpSingleGateway campaign targeting government infrastructure, including prior attacks on state telecom systems, amid concerns about ongoing gateway implementation despite official denials of the project's continuation.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On November 30, 2015, the activist hacker collective Anonymous claimed to have breached Royal Thai Police servers, leaking private information including police officer details and evidence records from criminal cases. The group announced the hack via Twitter, providing a link to password-protected files hosted on Pasteguru.com while taunting authorities over weak security practices, citing examples like "12345" passwords. This intrusion formed part of Anonymous' ongoing #OpSingleGateway campaign protesting Thailand's proposed consolidation of internet gateways into a single government-controlled point, which the group argued would enable censorship and create vulnerable centralized databases. The leaked data purportedly included directories and files from police systems, though the Bangkok Post could not independently verify the contents of the compromised material. Anonymous emphasized the breach demonstrated government incompetence in cybersecurity, warning that any single gateway implementation would inevitably be hacked. The attack followed earlier #OpSingleGateway actions including an October 1, 2015 denial-of-service attack on Thai government websites and an October 23 breach of CAT Telecom's customer data after the state enterprise continued gateway infrastructure development despite official claims the project was halted.
Royal Thai Police representatives, including Technology Crime Suppression Division chief Pol Maj Gen Supaseth Chokchai, denied the servers were compromised, asserting no hacking reports reached their cybercrime unit and the matter wasn't discussed in national police commander meetings. Several police websites including the Office of Police Strategy and Police Administration Information System experienced temporary outages around the incident timeframe, though Anonymous did not claim responsibility for these disruptions. The government maintained its ability to protect citizen data, with ICT Minister Uttama Savanayana dismissing Anonymous' prior CAT Telecom breach allegations and assuring uninterrupted services. Despite official denials about the gateway project's status, Anonymous insisted planning continued covertly with sustained funding, vowing to electronically target all entities involved in its deployment. The incident exposed tensions between governmental cybersecurity assurances and hacker demonstrations of systemic vulnerabilities, with potential impacts including unauthorized access to evidentiary records and personal information of law enforcement personnel.