A data leak in KOMSCO (Korea Minting and Security Printing Corporation) was discovered on Sunday. Resident registration numbers, passport numbers and other personal information of e-passport applicants were lost.
The number of victims exceeded 920,000. The list includes some 4,600 civil servants and senior government officials such as the prime minister and other key ministers.
The highest security level is applied to the passport manufacturing division of KOMSCO, but the security seals were tapped.
Kim Ho-yeon, Grand National Party lawmaker, said that the personal information of over 920,000 people who applied for e-passports between August and November last year was leaked by the staff of the contracting firm.
According to the KOMSCO security regulations, the personal information of passport applicants must be deleted from its electronic server as soon as the passports are made. But employees of the passport machine company sent it to company headquarters every week. They said that by doing this they were trying to establish the optimal interval for changing parts of the passport manufacturing machines.
Comments by Nikolay Fedotov, InfoWatch chief analyst: «According to InfoWatch statistics, a considerable part of incidents is caused by the "greediness" of an operator, storing confidential data that is not really required. Or not required at all. Or even prohibited for storage, like bank cards details in the Internet stores. But human psychology makes people keep copies — "just in case". And the "case” is usually a leak — accidental or intentional. But someone else’s lessons are never learned».
