Agencies Leaked Registration Numbers

From February 1 until March 17, Dong-A Ilbo surveyed a total of 299 homepages, including 114 public institution webpages, 35 university webpages, and 150 private enterprise webpages with the help of the Internet homepage quality diagnosis companies Sentinel Technology and Matrix. The survey results showed that 17,626 resident registration numbers were exposed on 84 homepages without any protective measures.

A total of 11,035 resident registration numbers were discovered on 41 out of 114 public institution homepages, 17 out of 35 university websites had 1,417 resident registration numbers listed, and 26 out of 150 private enterprises websites had 5,174 numbers listed.

The data was collected by using a search robot, excluding sites that require registration on approval. The results prove that registration number information is available on the internet.

A total of 13 of the websites containing registration numbers were government-invested institutions (2,433 cases), 10 were central administrative agencies (2,198 cases), 10 were state-subsidized institutions (2198 cases) and five were local authorities (6,137 cases).

The public sector organization that exposed the most resident registration numbers was the Seoul City Office. It bared a total of 6,088 resident registration numbers, including the resident registration numbers of 4,923 people who were listed on the leaders of Seoul city venture companies, which was made in 2004.

In the cases of major private enterprises, Sisnet that recently merged with an online payment agency Korea Cyber Payment disclosed the most, 4,826, resident registration numbers. Among the universities, Inha University carried the most personal information on its homepage, with 814 cases including resident registration numbers and addresses of 276 elementary students who applied to the Science Education Center for the Gifted Youth. Homepages of these institutions had a number of problems such as the prolonged abandonment of typed resident registration numbers, poor security caused by the insufficient system design, admission of searching robots to the manager’s screen, and inadequate defensive measure against searching robots.

In fact, the homepage that bared resident registration number in large scale contained document files carrying resident registration numbers. Some homepages neglected personal information that users input on a board.

In addition, some homepages made public personal information in official documents or notices.

Regarding the matter, an official of the Ministry of Information and Communication (MIC) said, “Our own investigation found that some homepages lack efforts to protect personal information, for which we ordered them to correct,” and added, “We will investigate 100,000 homepages as to how they are protecting personal information beginning the second half of this year.”