Cybersecurity investigators have identified a Chinese hacker using the handle “OKE” as the prime suspect in the biggest data leak in Taiwan’s history.
OKE offered a cache allegedly containing the personal information of 23.56 million Taiwanese for US$5,000 on the Breach Forums hacker marketplace in October last year, sparking concern about national security, lack of oversight and data management negligence by government agencies.
Investigators have identified OKE as a Chinese hacker in his 20s, the Ministry of Justice Investigation Bureau’s Cyber Security Investigation Office said in a news release on Friday.
Photo: Taipei Times files
The case is being handled by the Taipei District Prosecutors’ Office. The suspect could be charged with contravening the Personal Data Protection Act (個人資料保護法) and offenses relating to computer security in the Criminal Code. Prosecutors have issued an immigration control bulletin against him.
Investigators said that the hacker used virtual currency to receive and transfer payments through a digital wallet registered in China, which contains his national identification number and other personal information.
Investigators said they were able to ascertain the hacker’s gender, year of birth, province of residence and other personal data.
OKE provided a subset of 200,000 records so that buyers on Breach Forums could check the authenticity of the data.
The subset contained the data of a number of central and local government officials, investigators said.
An analysis found that the data were based on household registration records from before April 2018, although some deviations from the original entries were found, meaning it is possible the information was stolen from other government agencies, investigators said.
Prosecutors would continue to monitor the money flowing through OKE’s digital wallet and bank accounts, officials said.
“I don’t understand why the Taiwan government is so stupid. The KYC certification system is an easy thing for everyone here,” OKE wrote on Breach Forums on Monday.
He said his digital wallet is not as easy to track as the government claims, and he has a system in place to avoid being monitored.
Officials called on all government agencies and businesses to boost private data protection, enhance cybersecurity awareness among employees and keep backup data.
They reminded the public that it is illegal to sell, purchase or access private citizens’ information without authorization, while stolen data sets being sold on hackers’ forums could also contain malware and viruses.
An increase in Taiwanese boats using China-made automatic identification systems (AIS) could confuse coast guards patrolling waters off Taiwan’s southwest coast and become a loophole in the national security system, sources familiar with the matter said yesterday. Taiwan ADIZ, a Facebook page created by enthusiasts who monitor Chinese military activities in airspace and waters off Taiwan’s southwest coast, on Saturday identified what seemed to be a Chinese cargo container ship near Penghu County. The Coast Guard Administration went to the location after receiving the tip and found that it was a Taiwanese yacht, which had a Chinese AIS installed. Similar instances had also
GOOD DIPLOMACY: The KMT has maintained close contact with representative offices in Taiwan and had extended an invitation to Russia as well, the KMT said The Chinese Nationalist Party (KMT) would “appropriately handle” the fallout from an invitation it had extended to Russia’s representative to Taipei to attend its international banquet last month, KMT Chairman Eric Chu (朱立倫) said yesterday. US and EU representatives in Taiwan boycotted the event, and only later agreed to attend after the KMT rescinded its invitation to the Russian representative. The KMT has maintained long-term close contact with all representative offices and embassies in Taiwan, and had extended the invitation as a practice of good diplomacy, Chu said. “Some EU countries have expressed their opinions of Russia, and the KMT respects that,” he
VIGILANCE: The military is paying close attention to actions that might damage peace and stability in the region, the deputy minister of national defense said The People’s Republic of China (PRC) might consider initiating a hack on Taiwanese networks on May 20, the day of the inauguration ceremony of president-elect William Lai (賴清德), sources familiar with cross-strait issues said. While US Secretary of State Anthony Blinken’s statement of the US expectation “that all sides will conduct themselves with restraint and prudence in the period ahead” would prevent military actions by China, Beijing could still try to sabotage Taiwan’s inauguration ceremony, the source said. China might gain access to the video screens outside of the Presidential Office Building and display embarrassing messages from Beijing, such as congratulating Lai
Four China Coast Guard ships briefly sailed through prohibited waters near Kinmen County, Taipei said, urging Beijing to stop actions that endanger navigation safety. The Chinese ships entered waters south of Kinmen, 5km from the Chinese city of Xiamen, at about 3:30pm on Monday, the Coast Guard Administration said in a statement later the same day. The ships “sailed out of our prohibited and restricted waters” about an hour later, the agency said, urging Beijing to immediately stop “behavior that endangers navigation safety.” Ministry of National Defense spokesman Sun Li-fang (孫立方) yesterday told reporters that Taiwan would boost support to the Coast Guard