The Republic of South Korea has the United States to thank for helping them see a serious data breach taking place on government websites.  While conducting the annual Ulchi Freedom Guardian mission, an analyst with the government saw that information about members of the Education, Science, and Technology Ministries was still available online.  Despite thinking that they had taken care of this problem, the South Korean officials contacted quickly removed the additional information and alerted search engines that they needed to remove the data from their crawling.  At this point, there is still only limited information about the extent of the exposure.

All in all, around 8,000 employees of the government have been affected.  Within the material that was lost were names, birth dates, social security numbers, cellular phone numbers, and IDs to access secure government servers and files.  This last piece of information not only has the potential for identity theft, but for much larger implications toward the security of some important government material.  Some of the details also show that students at Seoul University might have been exposed, although this is still part of an ongoing investigation and there has not been a definitive word if this is the case or not.

It appears that someone within the Education Ministry discovered the breach a few weeks back and had deleted the source code which led to most of the material.  It was only after the American consultant said that there was still more available from Google and other search engines, did technicians within the government go back to clear more paths and remove the files from public access.  This left a window of two weeks when the data was still online after security experts thought that everything was protected.  What can be said at this point is that the government has launched a full investigation to find out what is responsible for the problem and to seek any legal actions against people who intended to create this breach.

A security expert familiar with the case said that it most likely took place because the government servers at these ministries do not have a filter that limits the spread of personal information.  Upon further question, a spokesman for the government said that budget concerns last year had delayed the purchase of such a filter until the next fiscal year.  In the mean time, they did recognize that their servers were more vulnerable to data breaches.

At this point, those who have been affected are advised to look into ID theft subscription services, such as Lifelock.  This company monitors all three credit bureaus to keep an eye and a limit on identity theft.  Whenever paperwork comes through that involves one of its customers, Lifelock halts the information and consults the person named on the documents to make sure they are legitimate.  Fraudulent claims are deleted and not processed.