"Please Change Your Password to Prevent Secondary Damage"
On April 7, it was revealed that the personal information of approximately 3,000 members of the "Chuksaro" website, operated by the National Institute of Animal Science under the Rural Development Administration, had been leaked. It has now been additionally confirmed that over 479,000 cases of personal information were leaked from other Rural Development Administration websites aside from Chuksaro.
According to the Rural Development Administration and other sources on April 28, the agency analyzed the storage device data of an IT service contractor that had been hacked, as part of its investigation into the personal information leak. It is known that the member information from Chuksaro was leaked when the contractor's storage device was hacked.
The analysis revealed that the contractor's storage device contained data from past Rural Development Administration websites, including member information from the Rural Development Administration website (2018), the National Crop Pest Management System (2019), the Pesticide Safety Information System (2020), the Rural Development Project Integrated Management System (2022), and the Agricultural Genetic Resources Service System (2023). In total, it is estimated that over 479,000 pieces of data were leaked.
The personal information was leaked through the hacking of the contractor's storage device. It has been confirmed that neither Chuksaro nor the Rural Development Administration websites were directly hacked.
The Rural Development Administration is sending notification messages and taking follow-up measures for members whose personal information was confirmed to have been leaked. The agency has first provided information on how to apply for personal information dispute mediation, as well as guidance on types of secondary damage and response procedures. In addition, it is taking necessary actions such as reporting to the Personal Information Protection Commission.
Previously, on April 7, the Rural Development Administration faced controversy after the personal information of 3,132 Chuksaro members was leaked. The leaked information included 19 items, such as member IDs, names, dates of birth, mobile phone numbers, gender, addresses, farm addresses, and business registration numbers.
The Personal Information Protection Commission reportedly confirmed that the personal information of Chuksaro members had been posted on the so-called "dark web," which can only be accessed using a special browser. The commission is currently investigating the contractor to determine the circumstances of the leak.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
