S. Korean credit card firms punished for data leak

Feb 16, 2014
South Korean customers wait to reissue their credit cards at a branch of Lotte Card in Seoul on January 21, 2014

South Korean regulators Sunday suspended some operations of three credit card firms as punishment for the unprecedented theft of financial data on more than 20 million people.

The country's largest-ever theft of personal financial data from KB Kookmin Bank, Lotte Card and NH Nonghyup Card involved more than 40 percent of the country's 50 million population.

The case provoked fury when revealed by prosecutors last month, with thousands flooding the firms' branches for days to cancel or get new ones.

The three credit card companies will be banned from issuing new credit cards for three months until May 16, the Financial Supervisory Commission (FSC) said Sunday.

"These firms neglected their duties...to prevent the leak of customers' information and (to comply with) internal controls," it said in a statement.

Operations involving existing cardholders will be unaffected, the FSC said, adding each of the three firms will also be fined six million won ($5,640).

The data was stolen by an employee from personal credit ratings firm Korea Credit Bureau who once worked as a temporary consultant at the three firms. He was arrested last month.

The stolen data included names, social security numbers, phone numbers, e-mail addresses, home addresses, and even personal credit ratings.

Millions of affected customers have since cancelled cards or applied for new ones.

Credit card usage is particularly high in South Korea, where the average adult has four or five cards.

The three-month ban on accepting new customers is the heaviest state penalty in the South's competitive credit card market, where customers often switch cards to get more benefits or rewards.

Many major South Korean companies have seen customers' data leaked in recent years, either by hacking attacks or their own employees.

An employee of Citibank Korea was arrested last December for stealing the personal data on 34,000 customers.

In 2012 two South Korean hackers were arrested for stealing data on 8.7 million customers at the nation's second-biggest mobile operator.

In November 2011 Seoul's top games developer Nexon saw the personal information on 13 million users of its popular online game MapleStory stolen by hackers.

In July the same year, personal data from 35 million users of Cyworld—the South's social networking site—was stolen by hackers.

Explore further: 20 million people fall victim to S. Korea data leak

add to favorites email to friend print save as pdf

Related Stories

S. Korea vows harsh penalties for data leaks

Jan 22, 2014

South Korean regulators Wednesday vowed harsh corporate penalties for data theft, as angry customers swamped credit card offices for a third day after 20 million people had their financial information stolen.

Recommended for you

China blocks 'privacy' search engine DuckDuckGo

2 hours ago

China has begun blocking the privacy-protecting search engine DuckDuckGo, which avoids storing user data or tracking online activity, according to the company and security researchers.

FBI widens probe of naked celebrity photos

2 hours ago

The FBI vowed Monday to widen a probe into the massive hacking of naked celebrity photos if necessary, after new reported leaks including nude shots of Kim Kardashian.

New ZEBRA bracelet strengthens computer security

7 hours ago

In a big step for securing critical information systems, such as medical records in clinical settings, Dartmouth College researchers have created a new approach to computer security that authenticates users ...

CloudFlare tackles lost SSL key risk with Keyless SSL

Sep 19, 2014

Organizations looking for and concerned about optimal security protection are the targets of a new service announced by San Francisco-based CloudFlare. The offering is called Keyless SSL. CloudFlare explained ...

When does Google hand over your data to governments?

Sep 19, 2014

Governments around the world want to know a lot about who we are and what we're doing online and they want communications companies to help them find it. We don't know a lot about when companies hand over ...

User comments : 0