An employee at a suborganization of a South Korean municipal office accidentally sent one citizen’s personal information to all city officials. The incident occurred on Tuesday at a local community service center in Incheon.
According to a spokesperson from the Incheon Seo-gu Office who spoke to The Readable, a citizen applied for a community service through a local community service office but had submitted the application to the wrong office. Attempting to correct the mistake, the official who dealt with the applicant tried to forward the information to the correct office. However, instead of reaching the intended government official, the data—containing sensitive and private information—was accidentally sent to the entire Incheon metropolitan government.
The citizen, seeking government assistance with housing rental fees, visited a website of a local office, believing it to be the correct post to process this information. However, this office was not responsible for the address listed in the data, which fell under the purview of another similar office.
As the local government office employee attempted to forward the information to the correct location for processing, the data passed through an internal messaging system. This led to the exposure of the name and social security number of the applicant to all the Incheon metropolitan government officials with access to the system.
“The government employee responsible for the mistake promptly notified the individual who had submitted the application about the leaked information and issued an apology,” stated the spokesperson. “Thus far, no other issues have been reported due to this information exposure.”
The Readable contacted a privacy expert, Cha Yun-ho, Director of the Personal Data Investigation Division at Korea Internet & Security Agency (KISA), to discuss the risk of a personal information breach.
According to Cha, while there is a risk of misuse of personal data having been leaked to government offices, the probability of it occurring is extremely low. In this case, for instance, the data was exposed only to other government officials, which makes containment straightforward. The likelihood of such a leak leading to more serious consequences is also unlikely, given that government officials are trusted to handle such information responsibly and can be relied upon for their integrity in this regard.
Moreover, the likelihood of such a leak leading to more serious consequences is minimal, as government officials are trusted to handle sensitive information responsibly and maintain integrity in their duties, according to the expert. “Public officers receive regular training on personal information protection, and government offices enforce additional protective measures through established regulations,” said Cha.
