Cyber Incident Victim: Taiwan

Chinese hackers compromised approximately 6,000 email accounts across at least 10 Taiwan government agencies in a cyber espionage campaign first detected in 2018. Taiwan's Investigation Bureau Cyber Security Investigation Office attributed the attacks to China-linked threat groups tracked as Blacktech and Taidoor, which systematically targeted government entities and information service providers. Deputy Director Liu Chia-zung confirmed the email breaches while acknowledging ongoing damage assessments, stating the infiltration caused "not small" harm. The government disclosed the incident publicly to raise awareness and mitigate further compromise. This campaign formed part of sustained cyber operations against Taiwan since 2016, coinciding with President Tsai Ing-wen's election and her administration's refusal to recognize Beijing's "one China" sovereignty claim over the self-governed island.

Taiwanese officials characterized the attacks as an escalation of Chinese cyber aggression accompanying increased diplomatic pressure, economic sanctions, and military exercises near Taiwan. While investigators confirmed the email account compromises, they continued evaluating the full operational impact on government systems. The Cybersecurity Investigation Office maintained active monitoring of Blacktech and Taidoor activities while coordinating response efforts across affected agencies. Historical context indicated Beijing intensified cyber operations following Tsai's 2016 inauguration, with this incident representing a confirmed continuation of that pattern through at least 2020. No specific data exfiltrated or subsequent misuse of breached accounts was detailed in public disclosures.