Democratic Progressive Party (DPP) lawmakers yesterday accused government agencies of negligence and dereliction of duty following reports of major personal data breaches, which they said have seriously compromised national security.
Since 2016, there have been eight major cases of personal data leaks at government agencies and state-run enterprises, they said.
“This has stoked public anger, as government officials have shown little concern and a lack of urgency in dealing with these national security breaches,” DPP Legislator Liu Shyh-fang (劉世芳) told a news conference at the Legislature Yuan in Taipei.
Photo: CNA
Private data breaches have occurred repeatedly, but government officials treat them on a “case-by-case” basis and have not taken concrete action to plug these leaks, DPP Legislator Hung Sun-han (洪申翰) said.
“I have yet to see any government agency take an assessment, and pinpoint the weaknesses and vulnerabilities in our personal data storage systems,” he said.
“The new Ministry of Digital Affairs should shoulder the responsibility of coordinating with judicial investigation agencies and national security units to assess the nation’s information security system, recommend ways to enhance personal data protection, and come up with a new national strategy to prevent [data leaks] and strengthen information security,” he said.
The ministry, which started operating last year, oversees the Administration for Cyber Security, whose stated aim is to boost cybersecurity defense to protect “critical information infrastructure,” implement the Cyber Security Management Act (資通安全管理法), build a resilient, secure, smart country, and connect competent authorities to expand national cybersecurity defense mechanisms, he said.
“If the ministry and the Administration for Cyber Security cannot deal with these personal data breaches, why were they established in the first place?” Hung asked.
Liu and Hung presented a list of major data leaks over the past seven years that were either an inside job by government bureaucrats or due to hackers.
They included the theft of 17,000 transaction records at state-run Chunghwa Post Mall in May 2016 by hackers based in China and 58,000 personal data files at the Ministry of Labor’s Workforce Development Agency in July that year.
An incident at the Ministry of Civil Service in June 2019 led to the leak of 200,000 civil workers’ personal files, which were put on sale on foreign Web sites, while local household registration records were placed on sale on the Darknet in May 2020, allegedly by workers in the Ministry of the Interior’s Department of Household Registration (戶政司), the lawmakers said.
These were followed by several major breaches last year — another household data leak in October from the same department, and hackers penetrating government-run Taoyuan General Hospital last month and stealing patients’ and medical personnel files, they said.
This month saw a major security breach at China Airlines, with hackers allegedly stealing the personal data of customers, including Taiwanese business leaders, politicians and celebrities.
It was followed by a major leak of the National Health Insurance data of officers at 11 national security and military agencies, they said.
It was allegedly masterminded by Yeh Feng-ming (葉逢明), a former chief secretary of the National Health Insurance Administration (NHIA), working in collusion with other agency staff, with the information reportedly being passed on to Chinese intelligence officials during Yeh’s trips to China in the past 10 years, media reports said.
Investigation reports allegedly show that Yeh and his family hold more than NT$1 billion (US$32.97 million) in overseas bank accounts.
DPP Legislator Lai Pin-yu (賴品妤) said that the nation lacks independent bodies to oversee personal data protection at government agencies.
“Those bodies currently tasked with scrutinizing internal breaches and data theft are not doing their job. It is unbelievable that vast amounts of government-held private information have been stolen and sold to foreign countries,” she said.
“If this situation is not dealt with in earnest, the public would lose faith in the government,” she said.
‘DENIAL DEFENSE’: The US would increase its military presence with uncrewed ships, and submarines, while boosting defense in the Indo-Pacific, a Pete Hegseth memo said The US is reorienting its military strategy to focus primarily on deterring a potential Chinese invasion of Taiwan, a memo signed by US Secretary of Defense Pete Hegseth showed. The memo also called on Taiwan to increase its defense spending. The document, known as the “Interim National Defense Strategic Guidance,” was distributed this month and detailed the national defense plans of US President Donald Trump’s administration, an article in the Washington Post said on Saturday. It outlines how the US can prepare for a potential war with China and defend itself from threats in the “near abroad,” including Greenland and the Panama
A wild live dugong was found in Taiwan for the first time in 88 years, after it was accidentally caught by a fisher’s net on Tuesday in Yilan County’s Fenniaolin (粉鳥林). This is the first sighting of the species in Taiwan since 1937, having already been considered “extinct” in the country and considered as “vulnerable” by the International Union for Conservation of Nature. A fisher surnamed Chen (陳) went to Fenniaolin to collect the fish in his netting, but instead caught a 3m long, 500kg dugong. The fisher released the animal back into the wild, not realizing it was an endangered species at
The High Prosecutors’ Office yesterday withdrew an appeal against the acquittal of a former bank manager 22 years after his death, marking Taiwan’s first instance of prosecutors rendering posthumous justice to a wrongfully convicted defendant. Chu Ching-en (諸慶恩) — formerly a manager at the Taipei branch of BNP Paribas — was in 1999 accused by Weng Mao-chung (翁茂鍾), then-president of Chia Her Industrial Co, of forging a request for a fixed deposit of US$10 million by I-Hwa Industrial Co, a subsidiary of Chia Her, which was used as collateral. Chu was ruled not guilty in the first trial, but was found guilty
DEADLOCK: As the commission is unable to forum a quorum to review license renewal applications, the channel operators are not at fault and can air past their license date The National Communications Commission (NCC) yesterday said that the Public Television Service (PTS) and 36 other television and radio broadcasters could continue airing, despite the commission’s inability to meet a quorum to review their license renewal applications. The licenses of PTS and the other channels are set to expire between this month and June. The National Communications Commission Organization Act (國家通訊傳播委員會組織法) stipulates that the commission must meet the mandated quorum of four to hold a valid meeting. The seven-member commission currently has only three commissioners. “We have informed the channel operators of the progress we have made in reviewing their license renewal applications, and
RSS