JIB data breach: 7M baht fine and security upgrades

JIB apologizes for data breach, announces steps to prevent future breaches

JIB Computer Group Co., Ltd. (JIB) has been fined 7 million baht by the Personal Data Protection Committee (PDPC) following a significant data breach that exposed customer information to scammers. This marks the first time a major company in Thailand has faced such a substantial fine under the Personal Data Protection Act (PDPA). The breach, which involved unauthorized access to personal and purchase data, led to phishing attempts by criminals posing as company representatives.

Company’s response and apology

In response to the data breach, JIB has issued a public apology and detailed its plan to address the incident. The company revealed that the breach occurred due to unauthorized external access to its data. Despite having existing security measures, some customer data and purchase information were leaked, leading to significant harm.

JIB has outlined its commitment to resolving the unfortunate data breach issue and enhancing its security protocols. The company has taken the following actions:

1. Enhancing Security Measures: JIB is upgrading its data protection systems, including improving the security of its information systems, website, and network infrastructure.
2. Appointing Security Experts: A specialized security team and legal professionals have been hired to work with the company's Data Protection Officer (DPO) to ensure compliance with legal and international standards.
3. Training and Development: The company is providing comprehensive training to all employees to enhance their understanding of data security and personal data protection.
4. Remediation and Responsibility: JIB acknowledges the potential damage caused and is committed to taking appropriate measures to remedy the situation. This includes offering guidance on how customers can protect themselves from potential threats.
5. Clarification on Company Policy: The company clarified that it does not have a policy requiring employees to contact customers for refunds, returns, or data changes. Financial transactions should only be conducted through accounts listed as J.I.B. Computer Group Co., Ltd.

JIB's statement emphasized their commitment to safeguarding customer data and restoring trust. The company is also taking steps to comply with the PDPC's directives, including submitting a report on their corrective actions within seven days of receiving the order.

For further inquiries or assistance, customers are advised to contact JIB's Call Center at 02-017-4444, available 24/7. JIB has expressed its sincere apologies and assured customers that it is dedicated to improving its data security measures to prevent future breaches.

For more information on preventive measures, customers can visit the company's website.

The JIB breach shows why having good Data Loss Prevention (DLP) is so important. DLP helps keep sensitive data safe, stops unauthorized access, and reduces the risk of leaks. It’s a smart way to protect your information, follow the rules, and avoid expensive problems. With DLP, companies can better manage data risks and keep their customers’ trust. Explore how DLP solutions like Safetica and SearchInform can help protect your data. Find out how Active Media can support your data security needs.