The Korean Association for Public Administration (KAPA), linked to the domain kapae.or.kr, has allegedly been compromised, resulting in the exposure of a significant internal database. A threat actor posting on a dark web forum claims to possess the database, which reportedly contains sensitive records of members, including professors, researchers, and government officials. The leak appears to impact a wide range of professionals affiliated with major South Korean universities and research institutes such as KAIST, Korea University, and various government research bodies.
According to the sample data provided by the actor, the compromised information appears to be a user management database. The allegedly compromised data includes:
-
Full names (Korean and English)
-
User IDs and Hashed Passwords
-
Email addresses (including
.ac.kr,.re.kr, and.go.krdomains) -
Mobile and landline phone numbers
-
Dates of birth
-
Physical home addresses
-
Professional affiliations and department details












