The credit agency purchased personal data of Taiwanese people on the dark web, involving 93 million entries.
The Criminal Investigation Bureau revealed last Friday (7/18) that the well-known chain credit agency 'Kuo Hua Credit Agency' Taichung branch has exploded into a major personal data leakage case.
In 2022, there were reports of a massive data leak from Taiwan's household registration data, and the responsible person surnamed Chen from Kuo Hua Credit Agency instructed 44-year-old engineer surnamed Liao to illegally purchase up to 93 million entries of personal data of Taiwanese citizens on the dark web in 2023 for approximately 5,000 Tether ($USDT), equivalent to 150,000 NTD at the time.
According to (Mirror News Network), this batch of personal data is astonishing, covering household registration data, shopping websites like PChome, and social media platforms like Facebook, almost encompassing the data of all Taiwanese citizens born before 2018, even including the full information of President Lai Ching-te's ID number and address.
After obtaining the data, engineer surnamed Liao set up an internal inquiry system, allowing credit agency employees to conduct information comparison inquiries based on name, address, ID number, etc., and packaged these services with surveillance and cheating detection as 'project prices', charging from 10,000 to 100,000 NTD.
Source: Criminal Investigation Bureau. Kuo Hua Credit Agency purchased personal data of Taiwanese people on the dark web using Tether ($USDT) and sold it, involving 93 million entries.
The Criminal Investigation Bureau conducted a joint investigation into the credit agency, seizing key equipment.
The Criminal Investigation Bureau's Technology Crime Prevention Center received an anonymous report in April this year and immediately reported it to the Shilin District Prosecutor's Office in Taiwan for investigation.
According to (Sanli News Network), the project team mobilized police forces from six counties and cities including Taichung, Taoyuan, Chiayi, Hsinchu, Yilan, and Keelung, to simultaneously search the Kuo Hua Credit Agency Taichung branch on June 16.
Police arrested 55-year-old actual responsible person surnamed Chen, 44-year-old engineer surnamed Liao, and 8 other employees during the operation, totaling 10 people. They seized important evidence such as database server mainframes, involved server Wi-Fi devices, personal data file backups, and client contracts at the scene, and immediately shut down the illegal inquiry website.
It is understood that Kuo Hua Credit Agency's personal data inquiry website operated from 2023 to April 2025, during which there were 400 IP logins for inquiries, making the extent of the data leak difficult to estimate.
Source: Criminal Investigation Bureau. Kuo Hua Credit Agency purchased personal data of Taiwanese people on the dark web using Tether ($USDT) and sold it, involving 93 million entries.
The responsible person and the engineer of Kuo Hua Credit Agency have been detained by the prosecutor's office.
The Criminal Investigation Bureau stated that the personnel involved are suspected of violating Article 19 and Article 20 of the Personal Data Protection Act and have been transferred to the Shilin District Prosecutor's Office in Taiwan for further investigation based on related charges under Article 41 of the Personal Data Protection Act.
(Know News) Reports indicate that after a follow-up interview, the responsible person surnamed Chen was released on bail for 400,000 NTD, while the engineer surnamed Liao was released on bail for 200,000 NTD. The remaining 8 individuals were also transferred to the prosecutor's office for investigation based on related charges.
The Criminal Investigation Bureau urges government agencies and private enterprises to regularly review their cybersecurity protection mechanisms and strengthen database access control. At the same time, it reminds the public to establish cybersecurity awareness, avoid registering accounts or providing personal data on unknown platforms, and regularly update passwords and enable two-factor authentication to reduce the risk of data leaks.
Further Reading:
People in the crypto circle, please be careful! A total of 16 billion sets of account credentials have leaked worldwide, quickly do these two things to protect your crypto assets.
Full payment test environment account credentials leaked! Hackers selling with Monero, official: users are not affected.
'Lai Ching-te is also a victim! The credit agency used USDT to buy 93 million entries of Taiwanese personal data and packaged it for sale.' This article was first published on 'Crypto City'.
