Chinese national accused of 2022 mass data leak (updated)

Posted on by Dissent

Jono Thomson reports:

 An investigation into the leak of 23 million items of personal data, including that of the relatives of Vice President Lai Ching-te (賴清德) and Secretary-General of the National Security Council Wellington Koo (顧立雄), has concluded the hacker responsible was a Chinese national.

Read more at Taiwan News.

According to a machine translation of media coverage, a task force was formed after a person with the username “OKE” offered to sell 23,572,055 records of Taiwan’s household service administration at a price of US $5,000 on BreachForums. The data are reportedly   household service administration data from before April 2018.

OKE  used virtual currency as a payment method and the task force began to trace the illegal money flow. Taiwan News reports:

At present, the task force has grasped the identity of the mainland national. The Liberty Times exclusively pointed out that the Bureau of Investigation also obtained the Chinese ID number from the real-name authentication of the virtual currency wallet. It is known that this person should be a Chinese man in his 20s born around 2000, and has issued an immigration control on him.

While some might keep their head down under the circumstances or duck for cover, OKE continues to post data from Taiwan on BreachForums. His most recent listing was only two days ago.

DataBreaches sent him a private message asking if he was aware that he has reportedly been identified and the matter is going to prosecutors.  This post will be updated if a reply is received.

Update: OKE responded to a thread DataBreaches started on BreachForums about the news reports.  He writes:

I don’t understand why the Taiwan government is so stupid. The KYC certification system is an easy thing for everyone here,

For sellers in the forum, having multiple collection accounts and a complete security system is crucial to avoid being tracked,

If anyone’s encrypted wallet is as easy to track as the Taiwan government claims, then I believe that 100% of the sellers in this forum will disappear, and the administrators in the forum will have the criminal certification of Interpol,

Now, the Taiwan government has released a small smoke bomb to calm the anger of the Taiwan media and people against me. In the future, I believe the Taiwan government will take action again,

I understand and accept this, This is my present and final response.

Category: Breach IncidentsGovernment SectorHackNon-U.S.