Hackers stole the personal information of 997 North Korean defectors after accessing a South Korean resettlement agency’s database, according to the South Korean Unification Ministry.
The ministry announced on Friday it became aware of the breach last week when it found that names, addresses, and birth dates of nearly a 1,000 defectors were taken.
Ministry officials said the breach occurred last month when an employee of the government agency Hanna Foundation opened an email with malware, reports the Wall Street Journal. The employee reportedly wasn’t following protocols to keep North Korea defectors’ data encrypted and on offline computers.
The Hana institution is one of 25 centers that aid approximately 32,000 defectors as they transition to a new life away from the repressive regime.
According to the ministry, 1,127 people defected from North Korea last year. Their statistics show between 1,000 and 1,500 defectors have left the country every year since 2011, when Kim Jong Un took control.
Earlier this year, McAfee security researchers released a report that suggested North Korea-based hackers were attacking defectors through Android apps with malware. FBI deemed North Korea hackers responsible for a 2014 attack on Sony Pictures.
Kang Chol-hwan, a North Korean defector and leader of a human rights organization, told the Wall Street Journal that the recent hack seems to come from North Korea.“Who would need such information? Authorities trying to confirm whether people reported missing or dead are really in fact missing or dead,” Kang said to the news outlet.
Simon Choi, a security researcher who focuses on North Korea cyber attacks, told the BBC he believes a North Korea hacking group that targets defectors attempted to hack a Hana center last year. He clarified it is not certain that this most recent hack came from a North Korea.
South Korea also has not placed blame on North Korea.
According to Reuters, the ministry stated it has informed the victims of the recent breach.