Cyber Incident Victim: Krungthai Bank
Date:
Jul 2018
Location:
Thailand
Summary
Krungthai Bank experienced a cybersecurity breach involving unauthorized access to customer data through advanced hacking techniques, compromising personal information of approximately 117,000 individuals who applied for loans online. The incident, which also affected another major Thai bank, exposed sensitive customer and corporate data, though no immediate financial damage was confirmed. The bank's IT division detected and halted the attack promptly, while broader concerns emerged about potential misuse of stolen information and systemic vulnerabilities in digital banking platforms. The breach underscored security challenges faced by financial institutions amid increasing adoption of online services, prompting calls for enhanced regulatory measures to address data protection gaps.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In July 2018, Krungthai Bank (KTB) and Kasikornbank (Kbank) experienced cybersecurity breaches compromising customer data, with KTB confirming unauthorized access to personal information of approximately 117,000 customers who had applied for personal, housing, and other loans. The attacks occurred prior to July 25, when Kasikornbank detected irregularities in its systems. KTB President Payong Srivanich characterized the intrusion as involving "advanced hacking techniques" targeting online credit applicants, initially affecting 20,000 customers before the full scope was identified. The bank's IT division detected suspicious data theft activity and immediately halted the breach, preventing further unauthorized access. Concurrently, Kasikornbank reported a separate compromise involving data of 3,000 corporate customers from its online letters platform. Both institutions formally reported the incidents to the Bank of Thailand (BOT) over the same weekend, with Kbank implementing enhanced data surveillance and protection measures following its July 25 detection.
The combined breaches affected over 120,000 individuals across both banks, raising concerns about potential misuse of exposed personal and corporate information despite bank assurances of no immediate financial losses. The Bank of Thailand publicly acknowledged both incidents on July 25, highlighting vulnerabilities in Thailand's rapidly expanding digital banking sector where institutions like KTB and Kbank each maintained over six million mobile and online banking users. Cybersecurity expert Paiboon Amonpinyokeat warned that the societal impact of such data leaks could exceed conventional financial theft, urging amendments to Thailand's pending data protection bill to address breach notification requirements and prevention protocols. Industry analyst Prinya Hom-anek described the incidents as pervasive threats requiring coordinated response through organizations like the Thai Banking Association. The breaches intensified pressure on regulators to establish mandatory cybersecurity standards, including proposed 72-hour breach reporting windows and enhanced technical safeguards for financial institutions handling sensitive customer data.