In the latest instance of continuing cyber-attack on Taiwan, a threat actor has offered to sell over 28 million national registration records allegedly stolen from the Bureau of Labor Insurance, a body under the Ministry of Labor.
The threat actor has not posted any ransom demand, researchers at Cyble Research and Intelligence Labs (CRIL) told The Cyber Express. It is yet to be ascertained whether each document contains individual PIIS of Taiwanese citizens. The total population of Taiwan is currently 23.6 million.
The PR division and the threat alert branch of Taiwan’s National Computer Emergency Response Team did not respond to email requests for comments on the development.
Latest data breach in Taiwan
CRIL researchers who verified the threat actor’s post on the dark web marketplace BreachForums told The Cyber Express that the records included NHI ID, name, date of birth, gender, address, mobile number, resident ID, employment information (address and contact information), and email address of the residents of Taiwan employed in police, military, trade unions, schools, bank, hospitals and other government and private offices till 2019.
The threat actor shared 500,000 sample records to support the claim. “This threat actor is highly reputed seller on the forum,” a Cyble threat intelligence researcher told The Cyber Express.
“This person has previously offered massive database allegedly stolen from the Department of Household Affairs, Taiwan Ministry of the Interior. We will continue monitoring the TA’s activities,” the researcher added.
The initial post came on November 20. No further updates were there at the time of publishing this report.
Long list of cyber attacks
Taiwan has remained in cyber security news since August 2022, when tensions spiked between the country and China after the visit of US House of Representatives Speaker Nancy Pelosi.
“The Taiwanese President’s website, along with the websites of the Ministry of Foreign Affairs, Ministry of National Defence, and Taiwan Taoyuan International Airport domains, were down intermittently due to Distributed Denial of Service (DDoS) attacks. Taiwanese TV broadcasts were hijacked, and a map of China was displayed, including Taiwan, with a patriotic Chinese song in the background,” said a Cyble report on the rising cyber-attacks.
Messages reading “Warmonger Pelosi, get out of Taiwan!” emerged on hacked digital signs at 7-Eleven convenience stores all around Taiwan. A hacked digital signage at a railway station in Kaohsiung, a port city in the south of Taiwan, named Pelosi was as “an old witch”.