In late 2018, a Gyeongbuk Hana Center employee’s PC in South Korea was infected through a malicious email, exposing files containing personal information for 997 North Korean defectors. The leaked data included names, birth dates, and addresses, while contact numbers and resident registration numbers were reportedly not in the affected files. Authorities confirmed the breach after a field investigation on December 19, referred the case to police, notified victims, and conducted emergency checks across Hana Centers; the incident also exposed failures to password-protect and store defector data on systems separated from the internet.