Seoul, South Korea – South Korea’s Centers for Disease Control adn prevention (KDCA) experienced two personal information leaks in recent months, compromising teh data of dozens of individuals, according too documents submitted to the National Assembly Health and Welfare Committee by Representative Kim Sun-min.
On August 1st, the KDCA mistakenly sent the complete results of a regional health and nutrition survey - including the names, gender, age, body mass index (BMI), and a URL link to view detailed results – to 24 individuals instead of the intended recipients. The data pertained to 48 people who participated in the survey. the KDCA immediately requested the recipients delete the data and blocked access to the URL. All 48 individuals whose information was exposed were notified of the breach within 72 hours via phone and text message.
A separate incident occurred on June 25th at a ‘Rare Disease Genetic Counseling’ symposium hosted by the Korea Rare Disease Foundation. A presentation prepared at the foundation’s request included a data collection containing the names of 10 patients, their suspected diagnoses, and test results. Though the data was deleted from the presentation screen at the event, the KDCA determined the following day that the printed data collection constituted a leak. The KDCA recovered the data collections and individually informed the affected patients, also reporting the incident to the personal Information Protection Committee as required by law.
“The Pyeong -Pyeong Office, which has the disease information of the people following the Health Insurance Corporation, also had a leakage of personal information,” stated Representative Kim Sun-min.
The KDCA did not immediately respond to requests for further comment.
