Cyber Incident Victim: Kasikornbank

In July 2018, Kasikornbank (Kbank) and Krungthai Bank (KTB) experienced cybersecurity breaches compromising customer data. The Bank of Thailand confirmed the incidents on July 25, revealing that attackers accessed personal and corporate information affecting over 120,000 customers collectively. KTB reported unauthorized access to data from 117,000 customers who had applied for personal, housing, and other loans, while Kbank disclosed a breach involving approximately 3,000 corporate customers through its online letters website. KTB president Payong Srivanich characterized the intrusion as employing "advanced hacking techniques," specifically noting theft from 20,000 online credit applicants. Kbank detected irregularities on July 25 and subsequently heightened surveillance and protective measures. Both institutions formally reported the incidents during the preceding weekend, with KTB's IT division halting the attack promptly after identifying suspicious data exfiltration attempts.

The breaches raised concerns about potential misuse of compromised information despite bank assurances of no immediate financial losses. Cybersecurity expert Paiboon Amonpinyokeat warned the societal and economic repercussions could exceed direct monetary theft. The incidents intensified calls for regulatory reforms, particularly amendments to Thailand's pending data protection Bill to address breach notification requirements and prevention protocols. Industry analysts highlighted systemic vulnerabilities as Thai banks expanded digital services, with Kbank and peers reporting over six million mobile banking users. The Thai Banking Association was urged to facilitate cross-institutional learning from the attacks. Central bank officials faced pressure to implement interim standards, including proposed 72-hour breach reporting mandates for financial institutions, while the broader sector confronted escalating security challenges tied to Thailand's rapid digital banking adoption.