Democratic Progressive Party (DPP) lawmakers yesterday accused government agencies of negligence and dereliction of duty following reports of major personal data breaches, which they said have seriously compromised national security.
Since 2016, there have been eight major cases of personal data leaks at government agencies and state-run enterprises, they said.
“This has stoked public anger, as government officials have shown little concern and a lack of urgency in dealing with these national security breaches,” DPP Legislator Liu Shyh-fang (劉世芳) told a news conference at the Legislature Yuan in Taipei.
Photo: CNA
Private data breaches have occurred repeatedly, but government officials treat them on a “case-by-case” basis and have not taken concrete action to plug these leaks, DPP Legislator Hung Sun-han (洪申翰) said.
“I have yet to see any government agency take an assessment, and pinpoint the weaknesses and vulnerabilities in our personal data storage systems,” he said.
“The new Ministry of Digital Affairs should shoulder the responsibility of coordinating with judicial investigation agencies and national security units to assess the nation’s information security system, recommend ways to enhance personal data protection, and come up with a new national strategy to prevent [data leaks] and strengthen information security,” he said.
The ministry, which started operating last year, oversees the Administration for Cyber Security, whose stated aim is to boost cybersecurity defense to protect “critical information infrastructure,” implement the Cyber Security Management Act (資通安全管理法), build a resilient, secure, smart country, and connect competent authorities to expand national cybersecurity defense mechanisms, he said.
“If the ministry and the Administration for Cyber Security cannot deal with these personal data breaches, why were they established in the first place?” Hung asked.
Liu and Hung presented a list of major data leaks over the past seven years that were either an inside job by government bureaucrats or due to hackers.
They included the theft of 17,000 transaction records at state-run Chunghwa Post Mall in May 2016 by hackers based in China and 58,000 personal data files at the Ministry of Labor’s Workforce Development Agency in July that year.
An incident at the Ministry of Civil Service in June 2019 led to the leak of 200,000 civil workers’ personal files, which were put on sale on foreign Web sites, while local household registration records were placed on sale on the Darknet in May 2020, allegedly by workers in the Ministry of the Interior’s Department of Household Registration (戶政司), the lawmakers said.
These were followed by several major breaches last year — another household data leak in October from the same department, and hackers penetrating government-run Taoyuan General Hospital last month and stealing patients’ and medical personnel files, they said.
This month saw a major security breach at China Airlines, with hackers allegedly stealing the personal data of customers, including Taiwanese business leaders, politicians and celebrities.
It was followed by a major leak of the National Health Insurance data of officers at 11 national security and military agencies, they said.
It was allegedly masterminded by Yeh Feng-ming (葉逢明), a former chief secretary of the National Health Insurance Administration (NHIA), working in collusion with other agency staff, with the information reportedly being passed on to Chinese intelligence officials during Yeh’s trips to China in the past 10 years, media reports said.
Investigation reports allegedly show that Yeh and his family hold more than NT$1 billion (US$32.97 million) in overseas bank accounts.
DPP Legislator Lai Pin-yu (賴品妤) said that the nation lacks independent bodies to oversee personal data protection at government agencies.
“Those bodies currently tasked with scrutinizing internal breaches and data theft are not doing their job. It is unbelievable that vast amounts of government-held private information have been stolen and sold to foreign countries,” she said.
“If this situation is not dealt with in earnest, the public would lose faith in the government,” she said.
The first global hotel Keys Selection by the Michelin Guide includes four hotels in Taiwan, Michelin announced yesterday. All four received the “Michelin One Key,” indicating guests are to experience a “very special stay” at any of the locations as the establishments are “a true gem with personality. Service always goes the extra mile, and the hotel provides much more than others in its price range.” Of the four hotels, three are located in Taipei and one in Taichung. In Taipei, the One Key accolades were awarded to the Capella Taipei, Kimpton Da An Taipei and Mandarin Oriental Taipei. Capella Taipei was described by
EVA Airways today confirmed the death of a flight attendant on Saturday upon their return to Taiwan and said an internal investigation has been launched, as criticism mounted over a social media post accusing the airline of failing to offer sufficient employee protections. According to the post, the flight attendant complained of feeling sick on board a flight, but was unable to take sick leave or access medical care. The crew member allegedly did not receive assistance from the chief purser, who failed to heed their requests for medical attention or call an ambulance once the flight landed, the post said. As sick
The Taichung District Court yesterday confirmed its final ruling that the marriage between teenage heir Lai (賴) and a man surnamed Hsia (夏) was legally invalid, preventing Hsia from inheriting Lai’s NT$500 million (US$16.37 million) estate. The court confirmed that Hsia chose not to appeal the civil judgement after the court handed down its ruling in June, making the decision final. In the June ruling, the court said that Lai, 18, and Hsia, 26, showed “no mutual admiration before the marriage” and that their interactions were “distant and unfamiliar.” The judge concluded that the couple lacked the “true intention of
A drunk woman was sexually assaulted inside a crowded concourse of Taipei Railway Station on Thursday last week before a foreign tourist notified police, leading to calls for better education on bystander intervention and review of security infrastructure. The man, surnamed Chiu (邱), was taken into custody on charges of sexual assault, taking advantage of the woman’s condition and public indecency. Police discovered that Chiu was a fugitive with prior convictions for vehicle theft. He has been taken into custody and is to complete his unserved six-month sentence, police said. On Thursday last week, Chiu was seen wearing a white
RSS