US databases in South Korea hacked, employee info compromised

Hackers may have stolen personal information on more than 16,000 South Koreans working, or applying to work, for the U.S. military, according to the top U.S. military official in the country.

Army Gen.  Curtis M Scaparrotti, commander of U.S. Forces South Korea, said a server had been compromised and two databases may have been breached. The databases contained personal information on Korean nationals who work, have worked or have applied for jobs with the military. However, no bank or credit card data was taken and no military classified information resided on the system, USFK said. 

The affected system is a human resources recruiting system separate from the U.S. military network.

Scaparrotti notified the people affected in a letter released June 5. “We deeply regret and apologize for any inconvenience and concern this matter may cause you,” he wrote, adding that USKF “takes this potential compromise very seriously and is reviewing policies and practices with a view of determining what must be changed to preclude a similar occurrence in the future. The safety and protection of our employees’ personal information are paramount to USFK.”

The breached systems has been taken offline and replaced with an alternate method of handling the employment process is in place, Scaparrotti said.

He said the breach is being investigated, though there was no indication that the attackers had been identified. Cyberattacks in South Korea reportedly are fairly common and often blamed on North Korea, which has denied any involvement.

The United States has about 28,500 personnel—representing the Army, Navy Air Force and Marines—in South Korea as a hedge against the north.