I don’t recall experiencing issues preserving confidentiality, integrity, or availability before. As a research assistant, our team and my professor use Dropbox to store our research data. My professor is the owner of the research folder and controls access by inviting specific individuals.
Regarding an incident in Thailand that highlights the failure to maintain confidentiality, integrity, and availability of an information system, I recall the TrueMove H user data leak in 2018. TrueMove H is a major mobile operator and internet service provider in Thailand, and I distinctly remember this incident because I am also a customer of this mobile operator.
= Around 46,000 TrueMove H users’ data, including names and phone numbers, was exposed due to a data leak that ended up in Amazon Web Services cloud storage. The breach involved unauthorized access to sensitive customer information, which was then stored in an insecure manner on AWS servers. The exact cause of the leak might not have been fully disclosed, but it was a significant breach of user privacy and data security in Thailand.
How did it affect the system or users?
= The exposure of personal information violated the users’ privacy and potentially exposed them to risks like identity theft and fraud. Also, the TrueMove H company had lost the trust of the customers.
And how to prevent it?
= 1. Enhancing Security Measures by implementing robust encryption and access controls.
2. Conducting regular security audits, continuous monitoring, and employee training on cybersecurity best practices.