South Korean government website exposes personal information due to incorrect document issuance

South Korea’s online certification website inadvertently exposed the private information of over 1,200 individuals by issuing incorrect documents to users.

On Sunday, the Ministry of the Interior and Safety (MOIS) reported that the GOV.KR website, which provides document issuance services to citizens, mistakenly issued 646 educational certificates on April 1. This error led to the personal data of citizens, including names, addresses, and resident registration numbers, being disclosed to incorrect applicants.

Furthermore, the GOV.KR website also mistakenly issued 587 certificates related to tax payments on April 19. The South Korean government clarified that this error involved a mix-up, exposing representatives’ names and resident registration numbers, instead of their taxpayer identification numbers, when users requested corporate tax payment certification.

The MOIS attributed the exposure of the data to a “mistake” made during the development process. They explained that the issue occurred while they were optimizing the integration between the GOV.24 platform and the education information system. During this update, a high volume of users accessed the site simultaneously, which led to certificates being issued to the wrong individuals.

The MOIS reported that they immediately deleted the incorrect documents and notified the Personal Information Protection Commission (PIPC) in accordance with the Personal Information Protection Act. Under this privacy law, any breach involving personal data must be reported to the PIPC within 72 hours of discovery.

The MOIS has confirmed that all related documents are now being issued correctly. The ministry further explained, “For education certificates, we have implemented a pre-verification program to prevent issuance errors. For tax payment certificates, we are taking measures to prevent errors by blocking unnecessary linked information.”

Meanwhile, GOV.KR faced a nearly 48-hour network shutdown last November due to a server access issue on the government network. GOV.KR is a highly trafficked website, averaging 1.5 million visitors per day and issuing around 400 million documents annually.

• Related articles: South Korea’s government network collapsed for nearly 48 hours

Please leave this field empty

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

Email Address *

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

Your subscription to The Readable's newsletter has been successfully processed. Welcome to our community of cybersecurity enthusiasts and experts!