Stalking crime starts with the leaking of personal information about victims of sex crimes

Jeon Joo-hwan, the suspect in the ‘Sindang Station Stalking Murder Case’, is sent to the prosecution at the Namdaemun Police Station in Jung-gu, Seoul on the morning of the 21st. Jeon Joo-hwan was arrested and sent to the prosecution on charges of revenge murder under the Aggravated Punishment of Specific Crimes Act (Special Prices Act). Reporter Ryu Young-joo
Jeon Joo-hwan (31), the suspect in the ‘Sindang Station Stalking Murder Case’, accessed the Seoul Transportation Corporation’s internal computer network and discovered the address of the victim’s previous home and workplace. The personal information identified in this way led to fatal consequences for the victim who was patrolling the women’s restroom at Sindang Station on Seoul Subway Line 2.

Chun’s crime was made possible by a loophole in the Seoul Transportation Corporation’s accounting system. Jeon Joo-hwan, who had been fired from his job, was found to have read sensitive information such as the victim’s address through the accounting system within the company’s internal enterprise resource management (ERP) system.

In recent high-profile stalking and sex crimes, poor management of personal information has become a target for violent crime.

First of all, how did Jeon Joo-hwan manage to access the victim’s sensitive information?

According to CBS No Cut News coverage on the 21st, Jeon Joo-hwan found the victim’s old address several times before the crime, and was able to identify the victim’s work location which changed in January. There is a part of the accounting system that checks the withholding tax of individual employees, and through this, Jeon Joo-hwan was able to find out the address of the victim. Chun passed the CPA exam in 2016, so it seems he is used to using the accounting system. He did not complete the practical internship for a year, so he was not formally licensed.

Jeon Joo-hwan revealed during the investigation process that he decided to kill the victim right after the prosecution asked for nine years in prison on the 18th of last month. The background that made Chun’s proposed crime possible was the Seoul Transportation Corporation’s poor personal information management system.

Chun was fired from his job after being accused of illegally filming the victim and stalking, but was able to freely enter and exit the company’s internal network. After being tricked as a ‘holiday worker’, he found the station office at Gusan Station on Line 6 and was able to research the victim’s work information through the internal network.


The police said they discovered that Jeon accessed the internal computer network four times on the 3rd and 14th (twice) of this month, including the 18th of last month, and checked the victim’s address. At this time, the address Chun discovered was the address of the victim’s house before he moved.

In order to meet the victim, Jeon visited the area near this old house five times in total on the 5th, 9th, 13th, and 14th (twice) of this month. Police believe the victim was repeatedly accessed from the internal computer network to reconfirm the victim, despite visiting him close to his home address. The victim’s new address was not registered on the computer network.

Although the victim, who did not receive adequate protection from the investigating agency, trusted the judgment of the judiciary and suffered, Jeon Joo-hwan accessed the victim based on the personal information he obtained through the internal system.

Since it was revealed that there were no obstacles to access the internal network of the fired person, the Seoul Transportation Corporation could not be free from criticism that it provided the start of this tragedy. Furthermore, the Seoul Transportation Corporation, which should have controlled the victim’s personal information, was not even aware of Chun’s illegal activities until the early days of the incident.

After the controversy arose, Seoul Transportation Corporation belatedly blocked access to personal information through the accounting system and announced that it would block access to internal computer networks for laid-off workers. Kim Sang-beom, president of Seoul Transportation Corporation, attended a plenary meeting of the National Assembly’s Gender and Family Equality Committee on the 20th and said, “We will block access to the internal computer network for employees who have been released from u jobs and wait until the final trial so that disciplinary action can be taken after the verdict of the first trial,” he said.

With this incident as an opportunity, the Personal Information Protection Committee initiated an investigation into Seoul Transportation Corporation. The Personal Information Commission investigated the possibility of illegality if Mr Jeon accessed the personal information processing system without permission.

This is not the first time that a victim’s personal information has become the start of a crime. Lee Seok-jun, whose identity was determined last year, was controversial when it was revealed that he used the victim’s address and other personal information through the Heungshin Office to commit the crime.

A citizen commemorates the victim at the memorial space provided at the entrance to the women's restroom at Sindang Station, Seoul Subway Line 2, where the 'station worker stalking and murder case' occurred on the 16th.  Reporter Ryu Young-jooA citizen commemorates the victim at the memorial space provided at the entrance to the women’s restroom at Sindang Station, Seoul Subway Line 2, where the ‘station worker stalking and murder case’ occurred on the 16th. Reporter Ryu Young-joo
Lee Seok-jun, who was investigated by the police on charges of imprisoning and sexually assaulting the victim four days before the crime, resented it when the victim asked the police for protection, and found the residence of the victim through the Heungshin Office. After that, he impersonated a delivery driver, entered the victim’s house, killed the victim’s mother (49) with a knife, and seriously injured his younger brother (13).

The court ruled that Lee Seok-jun was not only guilty of revenge murder under the Serious Penalties for Specific Crimes Act, but also of violating the Personal Information Protection Act, given that he had obtained the victim’s address through various means such as Office Heungshin. .

At that time, the merchant ship Heungshinso who provided personal information was revealed to be a civil servant at the Gwonseon-gu Office in Suwon, causing controversy. The information about the victim, of which a public official paid 20,000 and submitted it to the Heungsin Office, was passed on to Lee Seok-jun through two other Heungshin Offices.

It was revealed that the public officer had asked for personal information using the ‘secondary inquiry right’ which is used when the ward office imposes a fine for road occupation. It was investigated that he illegally investigated 1,101 cases of personal information for about two years from January 2020 and gave it to an entertainment company. In addition, small business owner Heungshin who provided victim information to Lee Seok-jun was sentenced to one year in prison.

Jo Joo-bin, the operator of ‘Doctor’s Room’, a room for producing and distributing sexual exploitation telegrams, had also illegally obtained personal information from victims and used it as a threat. Cho recruited public service workers working in community centers or ward offices, and then entered the victims’ personal information through them.

In particular, Jo Joo-bin’s assistant, Choi, was a social worker at a community center in Seoul, in charge of registering residents, etc., and was able to access residents’ personal information. It was investigated that he illegally inquired about 200 people’s personal information and passed it on to participants in Telegram sexual exploitation rooms such as Jo Joo-bin for a fee.

At that time, public service personnel did not have the right to ask for personal information, but public officials took advantage of their busy schedules to search for it illegally. ‘Buta’ Kang Hoon, known as an accomplice, also served the public interest and stole personal information about the victim and her family.

As the leak of personal information led to serious crime, the government published ‘Public Sector Personal Information Leak Prevention Measures’ in July. In accordance with the zero tolerance principle, if a public official deliberately leaks or uses public personal information, the ‘one-out’ system was introduced, and a system was established to impose fines and surcharges on public organisations.

The amount of personal information leaked from public organizations has increased dramatically from 36,000 cases in two organizations in 2017 to 213,000 cases in 22 organizations in 2021.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.