Researchers probed for cybersecurity data breach

Researchers probed for cybersecurity data breach

https://www.taipeitimes.com/News/taiwan/archives/2026/05/14/2003857313

Publish Date: 2026-05-13 12:00:00

Source Domain: www.taipeitimes.com

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points.

By Liu Yung-yun
and Shelley Shan / Staff reporters

Prosecutors have expanded an investigation into an alleged data breach at the National Institute of Cyber Security, accusing a senior research official of orchestrating an alleged mass collection and sharing of confidential internal documents containing national security-related information. The institute, which is overseen by the Ministry of Digital Affairs, operates as an independent administrative body tasked with advancing the nation’s cybersecurity capabilities, and helping government agencies respond to major cyberthreats. The breach was discovered when the institute’s main frame malfunctioned earlier this year.

Photo copied by Liu Yung-yun, Taipei Times
It was later determined that it was invaded by a Web crawler program systematically harvesting restricted internal documents through exploited system vulnerabilities. The Taipei District Prosecutors’ Office in March questioned three people at the institute who were allegedly involved in the breach, including former advanced research and development section chief Peng Min-chun (彭敏君), and researchers Ting Po-feng (丁柏楓) and Lee Yu-hsun (李昱勳).

Investigators also confiscated their mobile phones and computers as evidence. Peng, Ting and Lee, who could face charges of contravening Criminal Code provisions on interference with computer use and the Personal Data Protection Act (個人資料保護法), were released on bail of NT$500,000, NT$200,000 and NT$100,000 respectively. Prosecutors launched a second wave of investigations on Tuesday, questioning the three suspects again along with Peng’s former supervisor, Hsu Shih-chang (許世璋), and several other researchers accused of accessing sensitive internal documents without authorization. Hsu was later released on bail of NT$200,000. A source familiar with the investigation said that Peng’s team was ordered last year to develop administrative software capable of consolidating human resources documents and reimbursement records. As the team required access to relevant data to develop the software, Peng allegedly instructed Ting and another researcher to develop a Web crawler program that exploited internal system vulnerabilities, the source said, adding that they used Lee’s computer to gain unauthorized access to other departments’ internal data. They allegedly uploaded the sensitive documents to a cloud platform and named the project “XMAS,” allowing researchers within the team to freely access the files, the source said. The institute’s internal inspection found that the login IP address appeared to originate from a computer used by Lee, while the account used to log in belonged to Ting, they said. Prosecutors initially identified Peng as the key figure in the breach, but they later discovered from the collected evidence that Hsu might be the decisionmaker of the operation, they added.