The Council of University Presidents of Thailand (CUPT) has offered an apology for a large leak of the personal information of people applying to enter state universities under the Thai University Central Admission System (TCAS).
CUPT issued a statement yesterday in response to a social media offer for sale of 23,000 items of personal information and files from the myTCAS.com website in May last year. The news of the leak came after a backlash against the organisation for failing to provide assistance to high school students who test positive for COVID-19 during the university entrance exams (GAT/PAT) in March. A Twitter hashtag boycotting the organisation surfaced after some students were told to simply take the exam next year.
CUPT said that it had checked all the files in question and found that they contain information on the third phase of TCAS64 and not all of them contain personal information about the applicants for entry to state universities.
The information is in the CSV (comma-separated values) file format, which officials of each university had accessed as part of the assessment process, to determine the rankings of the applicants, said the CUPT.
There are 826,250 items of information in the TCAS64 system and only 23,000 items from files created in May last year were breached and offered for sale, said the association adding, however, that the information being offered for sale has no effect on the ranking process.
It also said that the TCAS64 system has been shut down since December and the new system, TCAS65, has been developed, with the sensitive files being kept private and direct access only via a secure pre-signed URL and within a specific timeframe.
CUPT said it regrets any problems the leaks may cause for the applicants.
The matter is being investigated by the National Cyber Security Committee, said CUPT, as it offered an assurance that the current TCAS65 system is safe and secure.
Source: Thai Public Broadcasting Service