Cyber Incident Victim: Royal Thai Navy

On December 22, 2016, hacktivist collective Anonymous and affiliated Thai actors breached servers belonging to Thailand’s Ministry of Foreign Affairs (MFA), Thailand International Cooperation Agency (TICA), and the Royal Thai Navy. The attack, conducted under Operation "OpSingleGateway," targeted the Thai military government’s recently enacted Single Internet Gateway law, which mandated centralized state surveillance of all international internet traffic through a junta-controlled entry point. Hacktivists publicly leaked personal and official data from these entities, including a subset of the Royal Thai Navy’s database containing names, usernames, and email addresses of approximately 100 naval personnel. Anonymous announced intentions to release additional sensitive data in subsequent leaks, framing the operation as a direct response to legislation they claimed threatened freedom of speech and online privacy.

The breach exposed systemic vulnerabilities in Thailand’s government cybersecurity infrastructure, with Anonymous asserting that compromised servers contained inadequately protected citizen data. In a public statement, the group criticized the Single Gateway project as a surveillance tool enabling censorship and mass data collection, comparing it to China’s Great Firewall. They warned that centralized data storage would create high-risk targets for malicious actors, citing the Navy breach as evidence of the government’s inability to secure sensitive information. The incident amplified existing civil society opposition to the law, with hacktivists urging Thai citizens to reject the policy. No official statements from the Thai government or impacted agencies regarding containment measures or forensic investigations were disclosed in the source material. The data leak remained limited to non-classified personnel records, though Anonymous claimed possession of more sensitive unreleased data to further pressure authorities.