The RDS backed its allegation on Tuesday with screen captures of the breachforum.cx website, showing a “god user” advertising the sale of 2.2 million records of Thai citizens for US$10,000 (about 360,000 baht).
The image showed the hacker saying that the data had been stolen from the Public Health Ministry’s records and that each set had a name, phone number, ID card number and date of birth.
The image also showed that the hacker had joined the web forum in February and only placed eight posts, so far.
The RDS noted that the alleged security breach had taken place one year after a hacker called “9near” had stolen 55 million records of Thai citizens from the Public Health Ministry in March last year.
The RDS added that cyber security was a serious issue for provincial hospitals as they were not allocated enough funds to strengthen their online systems.
However, Public Health Minister Cholnan Srikaew dismissed RDS’s claim, saying the ministry has a special agency in charge of monitoring the breach of data and that it has not detected any hacking.
He added that there was no evidence that the data advertised had come from the Public Health Ministry. The minister admitted that the public health database in Roi Et was attacked on Monday night, but said the officials in charge could fend off the attacks.
Cholnan added that provincial hospitals that have been linked to the 30-baht plus healthcare scheme will be automatically protected with strong cyber controls.
So far, 12 provinces have joined the 30-baht plus scheme and when another 20 provinces join the programme in November, the cyber security system will be further strengthened.