SEOUL—A breach of South Korea’s military database by suspected North Korean hackers originated in compromised third-party cybersecurity software and was made possible by an unintended connection to the internet, according to people familiar with the attack.

The cyberassault in September last year, in which South Korean and U.S. military secrets were stolen, caught South Korean officials off guard, the people said, because it occurred within a military intranet believed to have been cut off from the internet and therefore...