SKorea credit card data theft highlights lapses

Jan 20, 2014 by Youkyung Lee
From left, NH Nonghyup Card head Sohn Kyung-Ik, Lotte Card CEO Park Sang-hoon and KB Kookmin Card CEO Shim Jae-oh, bow to offer an apology over a data theft during a news conference in Seoul, South Korea, Monday, Jan. 20, 2014. A massive theft of customer data from the three major credit card firms in the country has shown security lapses in the financial industry. Financial Services Commission Chairman Shin Je-yoon said Monday the credit card companies had failed to ensure adequate security. (AP Photo/Kim Ju-sung, Yonhap)

A massive theft of customer data from three major credit card firms in South Korea has shown security lapses in the financial industry.

First revealed by prosecutors, the theft of information linked to 80 million such as salaries, monthly card usage, credit rating and card numbers has sparked widespread public concern. Cardholders are flocking to bank branches and overloading call centers and service websites to find out if their information was stolen.

Local media said the theft may have affected most credit card holders in a country of 50 million people. Prosecutors and the financial regulator said no financial losses have been reported.

Financial Services Commission Chairman Shin Je-yoon said in a statement Monday that the credit card companies had failed to ensure adequate security.

The chief financial regulator urged the companies to be vigilant about data theft not only by hackers but also by employees and contractors. South Korean financial firms, media companies and governments have fallen victim to cyberattacks in the past with local authorities blaming North Korea as a culprit in some cases.

But the latest data breach exposed how confidential was poorly managed by financial firms.

Prosecutors said last week that an employee of Korea Credit Bureau, a contractor, stole the data beginning 2012 by copying data to a USB device.

Prosecutors said the worker, who was responsible for the development of new software to detect , sold the data to a loans company.

The stolen data from Lotte Card and the credit card units of KB Financial Group and NongHyup Bank was unencrypted, according to Cho Sung-mok, a director at the Financial Supervisory Service.

He said the companies were unaware of the theft until prosecutors began an investigation.

NongHyup Bank's card division did not notice the data breach for more than a year while KB was unaware for over six months.

Chiefs at credit card firms apologized and authorities have vowed to beef up security measures.

Explore further: 20 million people fall victim to S. Korea data leak

5 /5 (1 vote)
add to favorites email to friend print save as pdf

Related Stories

Neiman Marcus is latest victim of security breach

Jan 12, 2014

Luxury merchant Neiman Marcus confirmed Saturday that thieves stole some of its customers' payment card information and made unauthorized charges over the holiday season, becoming the second retailer in recent ...

Target: Customers' encrypted PINs were stolen

Dec 27, 2013

Target said Friday that debit card PIN numbers were among the financial information stolen from millions of U.S. customers who shopped at the retailer earlier this month.

Recommended for you

Britain urges Russia to shut down webcam spying site

7 hours ago

A Russian website offering thousands of live feeds peering into bedrooms and offices around the world by accessing poorly secured webcams should be taken down immediately, British officials said on Thursday.

NSA Director: China can damage US power grid

11 hours ago

China and "one or two" other countries are capable of mounting cyberattacks to shut down the electric grid in parts of the United States. That's according to Admiral Michael Rogers, the director of the National Security Agency ...

Some in NSA warned of a backlash

14 hours ago

Current and former intelligence officials say dissenters within the National Security Agency warned in 2009 that secretly collecting American phone records wasn't providing enough intelligence to justify ...

Russia hacking site spying webcams worldwide: Britain

17 hours ago

Britain's privacy watchdog on Thursday called on Russia to take down a site showing hacked live feeds from thousands of homes and businesses around the world and warned it was planning "regulatory action".

Let's Encrypt certificate authority to launch 2015

Nov 19, 2014

Web encryption for free—tough deal to turn down? After all the instances of cyberattacks, snoopers and sophisticated surveillance, encryption technology has become especially appreciated and familiar to ...

Hackers turning smartphones into slave armies

Nov 19, 2014

Mobile security firm Lookout on Wednesday warned that Android-powered smartphones or tablets are being targeted with malicious software that puts them at the mercy of hacker overlords.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.