The National Health Security Office (NHSO) denies any data breach after some users on the communications platform Discord claimed they have NHSO data and application programming interfaces (APIs) for sale. Pratueang Paodit, assistant secretary-general of the NHSO, said on Tuesday the NHSO's cyber security team and the Computer Security Operations Centre (CSOC), along with external experts, conducted an urgent review and found no evidence of data leakage from the NHSO systems. Technical investigators believed the information may have been compiled from personal data obtained from various external sources and combined with data leaked elsewhere, and that the NHSO name then may have been used to make the posts appear credible, but the data did not originate from NHSO systems, said Mr Pratueang. In addition, connections involving high usage volumes or access to large amounts of personal data must also pass additional security measures, including IP whitelisting. Key measures include upgrading identity verification across all NHSO websites that access personal data, requiring at least two-factor authentication (2FA).

Source: Bangkok Post February 17, 2026 22:45 UTC