The hacking of government databases has become a hobby, and a good way to make some cash, these days. Some do it for the clout, some for the thrills, some to set some injustice right.
Regardless, when a database gets loose on the dark web, everybody involved will have something to lose in the long run. Case and point, this new Taiwan Government database hack, perpetrated by a “known and reputable actor” of the Department of Household Registration, Under Ministry of Interior.
Cyble’s researchers came across the data leak from the ris.gov.tw on the dark web. According to the post that the team found, the breach comprises over 20+ million records, the entirety of the Home Registry Data Base, and it seems that the hack captured an entire country’s government data.
The size of the archive is at 3.5 GB, and every entry had the following fields: the full name, full address, ID number, date of birth, and phone number of the citizen. It should be noted that there are several accounts with ‘NULL/empty’ DoB records and, consequently, it’s hard to confirm how recent the leak was.
The list goes all the way back to 2008, up to 2019, and given the sensitivity of the leak, Cyble’s researchers have acquired it and will be soon indexed at AmiBreached.com as well.
At the moment, the Taiwanese Government has not made any comment on the situation or acknowledged it in any way. Most likely, the US-based cyber threat intelligence company will talk directly with some officials behind closed doors.