Unidentified hackers swiped the personal information of nearly 1,000 North Koreans living in South Korea, following a breach last month of a government-funded resettlement agency’s database, Seoul officials said Friday, Wall Street Journal reported.
Hackers obtained the names, addresses and dates of birth of some 997 North Koreans who have fled to the South, a Unification Ministry spokeswoman said. The hackers’ identities and motives remain unclear, though South Korean law enforcement is investigating the matter, the spokeswoman said.
A likely culprit is North Korea, according to cybersecurity experts and North Koreans who have left. South Korean officials estimate their country is targeted by an estimated 1.5 million North Korean hacking attempts daily, or 17 every second, the Journal added.
Around 32,000 North Koreans have resettled in the South since an armistice halted the 1950-53 Korean War. But the number of North Koreans relocating to the South—often by crossing the Chinese border—has declined in recent years.
Escaping to the much-richer South is considered treason in North Korea. Citizens caught departing the country without permission are sometimes sentenced to prison or hard labor, while their families suffer financial penalties, according to testimonies documented last year by the Korea Institute for National Unification, a public think tank.
In 2012, North Korean authorities seized the home of one family after they discovered that relatives of that family had exited North Korea without proper authorization. In 2013, a North Korean was sentenced to three months of hard labor after two members of that person’s family was found to have exited North Korea without proper authorization.
The hack made public on Friday appears to be the work of North Korean state security officials who monitor potential dissidents, said Kang Chol-hwan, a North Korean who is now the head of a human-rights organization focusing on the North. “Who would need such information? Authorities trying to confirm whether people reported missing or dead are really in fact missing or dead,” Kang said.
Last month, an employee of South Korea’s Hana Foundation—a government-funded agency that helps North Koreans adjust to capitalist life in the South—unsuspectingly opened an email containing malware, according to the South Korean Unification Ministry spokeswoman. Hana has 25 government-run offices that help North Koreans settle in the South.
The Unification Ministry learned of the breach last week, a ministry official said. The Hana Foundation employee, whose name wasn’t revealed, hadn’t followed rules requiring employees to keep data on people who left North Korea on computers disconnected from the internet, and encrypting the data, the Journal noted.