Reports from August that the government’s Onnara system—the platform public officials use to manage tasks, documents and interagency communication—suffered a data breach have been confirmed.

Lee Yong-seok, head of the Interior Ministry’s digital government innovation office, disclosed during a news briefing at the government complex in Sejong City on Friday morning that the National Intelligence Service had detected signs of the breach in mid-July.

Lee said that an outside party had accessed the Onnara system through an external computer connected to the government's remote work system.

The ministry said 650 Government Public Key Infrastructure(GPKI) digital certificates, which authenticate and secure official communication, were also leaked.

Lee said the government had reviewed the validity of all certificates and found that most of the leaked keys had already expired, and the rest had been revoked as of August 13.

The NIS is currently investigating the details of the breach and its consequences with related agencies.

Lee said authorities suspect that GPKI information was compromised from an external computer due to user carelessness, and that if a public official’s computer was infected with malicious code while they were working remotely, the digital certificate or password necessary to access those assets could've been compromised.

He emphasized that all government agencies have been banned from sharing such certificates and notified of strengthened security measures, including both digital signature authentication and phone-based verification, around the government’s remote work system.

Earlier in August, the U.S.-based cybersecurity and hacking e-zine Phrack reported that the Onnara network had been hacked, exposing the login records of government employees and GPKI certificates used for authentication.