Cyber Incident Victim: Department of Household Registration of Taiwan
Date:
Jan 2019
Location:
Taiwan
Summary
A government database containing sensitive personal information of over 20 million citizens was leaked on the dark web, exposing names, addresses, genders, birth dates, and other private details. The breach involved data from the Department of Household Registration and was reportedly released by a known actor under the title "Taiwan Whole Country Home Registry DB," with claims it originated from an unspecified prior period though its exact recency remained unverified. The 3.5 GB dataset represented an unusual compromise of an entire national registry, highlighting significant risks to citizen privacy and data security.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On May 29, 2020, Taiwan News reported a significant data breach involving the Taiwanese government's Department of Household Registration under the Ministry of the Interior. Researchers from Cyble Inc., a U.S.-based cyber threat intelligence company, identified a 3.5 GB database titled "Taiwan Whole Country Home Registry DB" leaked on the dark web by an actor using the alias "Toogod," described as a known and reputable entity in cybercrime circles. The compromised records contained highly sensitive personal information, including full names, residential addresses, genders, dates of birth, and additional undisclosed private details of over 20 million citizens—a scale representing nearly the entire registered population of Taiwan. Cyble emphasized the exceptional nature of this incident, noting that leaks encompassing an entire national database are rare in cybersecurity incidents. The actor claimed the data originated from a 2019 breach, though Cyble’s analysts could not independently verify the exact timeframe of the compromise or the freshness of the data at the time of its dark web publication.
The leaked information originated directly from the Department of Household Registration’s systems, though the specific intrusion vector or method of exfiltration was not disclosed in available reports. No official statements from Taiwanese authorities regarding containment measures, forensic investigations, or remediation efforts were documented in the source material. The exposure of comprehensive demographic and residency records posed severe risks of identity theft, financial fraud, and targeted phishing campaigns against affected individuals. Cyble’s role was limited to threat discovery and disclosure; their analysis provided no indication of motive, whether the leak resulted from external hacking, insider threats, or accidental exposure. The absence of corroborating details about detection timelines, attacker persistence within systems, or data integrity verification left critical gaps in understanding the incident’s operational impact and the government’s capacity to secure citizen registries.