Confidential Data on Taipei Officials Stolen, Messaging App Implicated In the Plot

It’s possible the hackers are planning to use the personal information in a so-called social engineering gambit to tease out even more sensitive material.  The filched data could allow “hackers to assume the names of secretaries to ‘friend’ commissioners and their staff” on widely-used messaging app Line, Taipei Times reports.

Taipei Department of Information Technology Commissioner Lee Wei-bin said a list of city department heads along with confidential information about them had been compromised.

Malware used in the operation installed a “backdoor” that antivirus software failed to detect.

The city intends to review the segregation of computer systems among the city’s departments, secretariat and the mayoral office, as part of the cleanup effort.

“In response to criticism from Taipei city councilors that the city government’s extensive use of Line groups creates security risks, Lee said there was an implicit tradeoff between perfect security and administrative efficiency,” according to Taipei Times.

Since Taipei Mayor Ko Wen-je and much of the city government was already using Line, it would be costly and time-consuming to switch to in-house messaging software, he said.

China is suspected of orchestrating the attack, the Epoch Times reports.

The hack was discovered “when officials in other departments of the mayor’s office received requests for the personal information of city advisors that the secretary never made,” the publication reports. City officials disclosed the incident on April 14.

At a City Council question-and-answer session, a legislator asked the mayor about the leaking of legislators’ personal information to specific Taiwan press. Ko then reportedly “exploded” and said that his office was subjected to a cyberattack.