News

Exclusive: Security Breach at NEC: 14 Access Passes to Core Facilities Unaccounted For

[Anchor]

The National Election Commission (NEC), which previously sparked public outrage over a shortage of ballot papers, has now been found to have lax security management at its core computing center. It has been confirmed that 14 visitor access passes were not returned, and these passes remained functional until the NEC belatedly realized the oversight and revoked their access privileges.

Son Hyeong-an reports.

[Reporter]

The National Election Commission building in Gwacheon, Gyeonggi Province, was designated as a "Grade A" national critical facility—the highest level of security—on December 10 of last year.

The computing center, which houses the election information system, is located on the second floor of the building.

This is the list of "unreturned visitor access passes for the NEC computing center" obtained by SBS through the National Assembly.

On December 31 of last year, the NEC suspended the access privileges for 10 "computing center visitor passes," including serial numbers 48 and 49.

These passes, mostly issued to external contractors since October of last year, were not returned after their authorized access periods expired, prompting the NEC to block them only after the issue was discovered.

It was also revealed that the passes in question were configured to allow access even into this year.

This means there was a significant security loophole, as the access privileges remained active until the NEC belatedly recognized that the passes had not been returned.

Because there is no record of basic information such as the recipients in the computer system, and the manual visitor log is inaccurate, it is currently impossible to determine who these passes were issued to or for what duration.

Furthermore, the NEC admitted that in addition to the 10 passes it belatedly deactivated at the end of last year, the whereabouts of one pass issued this year and three spare passes are also unknown.

In total, 14 visitor access passes to the computing center remain unaccounted for.

The NEC explained that visitor passes do not allow access to core internal facilities such as server rooms, and that accessing the election information system requires separate authentication by logging into the security system from a PC terminal.

An internal NEC source who spoke to SBS in a written interview stated, "Even though passes were not returned, they kept issuing new ones as if they were just rotating cards," adding, "They couldn't even properly manage access to the building."

[Lee Man-hee / People Power Party Lawmaker: It is truly deplorable that access passes for the computing center were not properly managed and that multiple instances of loss occurred. I believe institutional improvements are absolutely necessary.]

The National Election Commission acknowledged the "negligence in access pass management" and stated, "Moving forward, we will verify the issuance status on a weekly and monthly basis and strengthen security for access to the computing center."

Reported by Son Hyeong-an | Video by Shin Dong-hwan and Kim Nam-seong | Video Editing by Oh Young-taek | Graphics by Jegal Chan and Jang Chae-woo | Data provided by the office of Rep. Lee Man-hee (People Power Party)
※ Please note: This article was translated by AI and may contain errors.
Copyright Ⓒ SBS & SBSi. All rights reserved.
Copying, redistribution, and unauthorized use in AI training are strictly prohibited.

Most Read