Cyber Incident Victim: Taiwanese Ministry of Foreign Affairs Bureau of Consular Affairs

In late 2016, the Taiwanese Ministry of Foreign Affairs Bureau of Consular Affairs (BOCA) experienced a cybersecurity incident involving unauthorized access to its email systems. The breach was discovered when BOCA identified irregularities in an email account used as the primary communication channel with 117 Taiwanese overseas missions globally. Subsequent investigations revealed that unidentified attackers had compromised email account passwords, enabling access to correspondence between BOCA and its overseas offices over a three-month period. The compromised emails contained sensitive personal data of Taiwanese citizens planning international travel, including full names, national identification numbers, passport numbers, mobile phone numbers, and residential addresses. Approximately 15,000 individual data files were potentially exposed through this intrusion. The bureau did not publicly specify the exact intrusion date or technical methods used by the attackers to obtain credentials.

BOCA's leadership publicly addressed the incident on February 8, 2017, when Deputy Director Winston Chung held an emergency press conference to acknowledge the breach and apologize to affected citizens. The bureau initiated internal probes immediately upon detecting the email system anomalies, though no details were provided regarding containment measures or system remediation. Authorities emphasized that no victims had reported identity theft or financial fraud directly attributable to the breach at the time of disclosure. The incident exposed vulnerabilities in BOCA's email-based data transmission practices for consular communications, particularly regarding the handling of sensitive traveler information through potentially unsecured channels. No attribution to specific threat actors or groups was disclosed by Taiwanese officials during the initial announcement.