"COVID-19 Data Put For Sale on The Dark Web"

Security researchers at Resecurity, a California-based cybersecurity company, have identified leaked PII stolen from Thailand’s Department of Medical Sciences containing information about citizens with COVID-19 symptoms.  The incident was uncovered and shared with Thai CERT.  The data was put for sale on several Dark Web marketplaces and was available for further purchase via a Telegram channel created by the bad actors.  The researchers noted that based on the acquired samples and additional insights related to the security incident, the bad actors were able to gain unauthorized access to the government portal, allowing them to manage users and records illegally.  The access was possible due to an active SQL injection vulnerability in an authorization module of the web app used for online surveys.  At the time of breach identification, the bad actors could have accessed at least 5,151 detailed records with potential exposure of 15,000 in total.  This year similar incidents occurred in Indonesia and India, leading to the theft of COVID-19 patient records.

Help Net Security reports: "COVID-19 Data Put For Sale on The Dark Web"