Cyber Incident Victim: Taiwan Job Bank 1111
Date:
Jul 2019
Location:
Taiwan
Summary
A Taiwanese job bank experienced a data breach where personal information of online members was compromised and leaked on an overseas hacker forum. The exposed data reportedly included approximately 200,000 user records containing identifiers, names, birthdates, email addresses, phone numbers, and physical addresses. The company acknowledged the incident and confirmed collaboration with authorities to investigate the breach, though the full extent of affected users remained undetermined at the time of reporting. A hacker using the alias "tomholland" claimed responsibility for the intrusion and publicly shared samples of the stolen data on RaidForums.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On July 19, 2019, Taiwanese job bank 1111 publicly confirmed a data breach involving the personal information of its online members after the data appeared on an overseas hacker forum. According to reports by Liu Chien-pang and Ko Lin, the compromised data was posted on RaidForums by an individual using the pseudonym "tomholland," who claimed to possess approximately 200,000 records stolen from 1111's systems. The leaked dataset included sensitive user details such as unique user IDs, full names, dates of birth, email addresses, physical addresses, and phone numbers. Henry Ho, the company's vice president, acknowledged the breach but stated the full scope of impacted users and data elements remained undetermined at the time of disclosure. Local authorities initiated an investigation into the incident, though no technical specifics regarding the attack vector, intrusion timeline, or system vulnerabilities were disclosed by the company or law enforcement.

1111 Job Bank engaged with investigative agencies to assess the breach's origins and extent while the leaked data circulated on the forum. The company did not immediately disclose when the breach was first detected relative to the forum posting date or whether affected users had been directly notified. The exposure of personally identifiable information created risks of identity theft, phishing campaigns, and financial fraud targeting job seekers. No information emerged regarding ransom demands, data deletion efforts, or the hacker's motivations beyond the initial data dump announcement. The incident drew media attention through Focus Taiwan's coverage but yielded no subsequent public updates about containment measures, forensic findings, or regulatory penalties. Investigations by authorities remained ongoing at the time of reporting, with no final determination regarding attribution or total impacted individuals.
