Hanatour: Administrative Action Decided over Personal Information Leak Incident
2018-02-06 • KRMOIS • Hana Tour decides to take administrative action due to personal information leakage incident
http://www.mois.go.kr/cmm/fms/FileDown.do?atchFileId=FILE_00075105aIES1w2&fileSn=0
South Korea’s Ministry of the Interior and Safety described the 2017 Hanatour breach that exposed personal data for 494,669 people, including 424,757 resident registration numbers. The investigation said an unidentified hacker compromised a NetClient server, distributed malware to work PCs and servers, gathered internal information, and used plaintext credentials from a contractor environment to reach the security network through Rview without additional authentication. The attacker also obtained Hi-TAM database access credentials stored unencrypted on an internal PC and remotely accessed operational and development databases to exfiltrate personal data. The case highlights how weak contractor oversight, missing multi-factor access controls, unencrypted stored credentials, and retained legacy personal data enabled a large breach and regulatory penalties.