The online paper submission and review platform "JAMS" operated by the National Research Foundation of Korea has recently been confirmed to have suffered a hacking attack, resulting in the leakage of personal information of about 120,000 users. This accounts for 15% of the total membership of 790,000.
According to the scientific community on the 13th, the attack began in the early hours of the 6th from a U.S. covert IP, with its origin believed to be in China. The hackers infiltrated the system by manipulating parameters of a web address that resets member passwords. At the same time, signs of trouble were detected as temporary password notification emails were sent to members.
JAMS is a system developed and distributed by the National Research Foundation of Korea that allows domestic academic organizations to process the entire process from paper submission to review and publication online. Currently, 1,553 academic societies are using JAMS, and the cumulative number of registered papers has reached approximately 770,000.
On the day of the incident, the 6th, the National Research Foundation of Korea initially determined through a preliminary investigation that there was no leakage of personal information and focused on blocking email hacking attempts. However, a detailed investigation conducted in cooperation with the Korea Institute of Science and Technology (KIST) Cyber Security Center confirmed that about 122,000 pieces of personal information, including names, dates of birth, email addresses, contact numbers, and account IDs, had been leaked. It was also revealed that sensitive information entered by some users in the "remarks section" was among the data leaked.
The foundation stated, "We have formed a separate task force for responding to personal information breaches and have completed system checks. We are also strengthening risk monitoring as per our manual, and we plan to request a police investigation today."