Last week, a hacker who went by the name "9Near" did not release the data on 55 million Thais as he had threatened.
However, that doesn't mean the public can sigh in relief as the government's handling of the matter is more worrying.
More than a week later, the Minister for Digital Economy and Society (DES), Chaiwut Thanakamanusorn, has yet to catch the suspected cyber thief, a soldier.
It needs to be said that the Royal Thai Police (RTP) and the DES have known the hacker's identity and whereabouts since Thursday. They have even obtained an arrest warrant issued by a military court.
The government has confirmed that the suspect is Sgt Maj 2nd Class Khemarat (last name withheld), who works in the Army Transportation Department of the Royal Thai Army (RTA).
Suspicion over "9Neargate" has increased. For unknown reasons, the RTP aborted a plan to arrest the suspect. The suspect and his wife, a nurse who also may have been involved in the hacking, have disappeared.
There have been no reports about the server the suspects used and whether they left forensic evidence online. The DES and RTP, who traced his cyber activities, have not revealed any details.
The RTA's response to the matter is also not helping. Army spokesperson Maj Gen Sirichan Ngathong yesterday said the army could not locate Sgt Maj Khemmatat because he turned off his phone.
Such a response is simply unacceptable. The army has the responsibility to detain its soldier. Failing to do so will only fuel negative rumours, such as the suspect perhaps having an influential backer.
Also dismaying is the response of senior officials from the Ministry of Public Health, which oversees the Mor Prom app database, from which the data was allegedly taken.
Public Health Minister Anutin Charnvirakul and permanent secretary Opas Karnkawinpong have remained tight-lipped, passing the buck to the DES Ministry and police officials.
Instead of leaving the burden to the police and DES, the Ministry of Public Health must boost database protection for the Mor Prom app and clear any doubts over its security to the public as the app has been used by Thais to register for Covid-19 vaccines.
It needs to be mentioned that this is not the first time Thailand has experienced a public data leakage from the Ministry of Public Health's database. In August 2021, information on 10,000 patients from the state-run Phetchabun Hospital was held by hackers who shut down the hospital's phone lines and demanded 63 billion baht in Bitcoin.
Just a month later, it was revealed that data on over 100,000 patients from 11 hospitals nationwide was being sold on the dark web.
The 9Near case shows that the government lacks the safety measures needed to protect the personal information of Thai citizens, which is often required by the government. Recent thefts and leakages have proven that government agencies do not have to be held accountable for failing to keep data safe.
But the most upsetting thing is the fact that the DES and the RTP cannot even catch the suspected hacker despite knowing his identity.
The government has pledged to become an "e-government" that promotes a digital economy, but how can officials maintain their reputation when the government has failed time and again to catch cyber thieves or at least punish the owner of a breached database?
