They claimed that no nationals had yet reported that they were victimised due to the hack.
Speaking at an emergency press event, Winston Chung, deputy head of the Ministry of Foreign Affair’s Bureau of Consular Affairs (BOCA), apologised to the public at an emergency press conference, saying that the possible leak was due to hacker’s intrusion to its email system.
The bureau has recently found irregularities on its email account that serves as contact window to 117 Taiwanese overseas offices around the world, Chung said.
BOCA promptly launched probes into the matter and found that unidentified hackers may have stolen the email account passwords and were therefore able to access emails the bureau had sent to its overseas offices over the past three months.
These emails contained personal information of Taiwanese travellers planning to travel overseas, including their names, personal ID numbers, cellphone and passport numbers and addresses.
The information was originally left to BOCA as part of its service that will give nationals quicker access to consular services abroad in case of emergencies.
“We could not find the whereabouts of these attackers and why they did that but we have taken all necessary responsive measures and beefed up our computer system’s information security management system,” he said.
He said they had already implemented precautionary measures to prevent data from being sent to Taiwan’s offices worldwide. To prevent further breaches, these offices are now required to apply directly to BOCA to access citizens’ records should they need to contact these travellers.
Chung said the bureau has formed a task force to deal with the incident, and alerted those nationals who made use of BOCA’s service over the past three months of the hack.
He urged them to change their passwords if they were worried that their personal information being stolen. But he added that so far BOCA has received no complaints from these nationals in question.
Those who already found their personal information be stolen can contact BOCA via 02-23432868, 02-23432922, 02-33435551 or email to info@boca.gov.tw
The official noted that the targeted BOCA’s email system is separated from other systems such as those handling passport and visa applications. Those systems, therefore, were not affected during the incident. It is also separate from MOFA’s email system in sending official or sensitive documents to overseas offices, he added.
BOCA To Amend Registration System
To prevent similar hacker attempts from happening again, Chung said the bureau is expected to streamline the registration system to the service so that people would not have to leave that many detailed personal information to BOCA in the future.
A source close to the matter told The China Post that in the future travellers may only need to leave their passport number instead of their R.O.C. ID number.
Chung stressed said the bureau will continue to push for the service to ask travellers to leave contact information before foreign visits despite the latest incident, which have proven effective for government to establish contact with Taiwanese should emergencies occurred in foreign lands.
The service has been in place since August 2002. However, very few people have taken advantage of the service, according to BOCA. More than 10 million Taiwanese visit overseas annually but only 50,000 of them have made use of the service last year.
Asked to comment, ruling Democratic Progressive Party lawmaker Tsai Shih-ying called on the Foreign Ministry to apologise over the information leak and punish those responsible for the incident.
Echoing Tsai’s view, Liao Kuo-tung, party whip of the opposition Kuomintang legislative caucus, said the incident should not have happened and that the ministry should review its procedures to identify any possible problems with its email system.
Read also: Taiwan seeks stronger cybersecurity ties with US to counter China threat
