- CyberCrime Center
February 4, 2014
It’s not easy being a citizen of South Korea. The nation is under constant threat of nuclear annihilation or blackmail by North Korea’s enigmatic, possibly unstable, strange and dangerous leader, Kim Jong-un. Just ask his uncle, Jang SongThaek. Well, you can’t really. You see Kim had him executed purportedly for procuring teenage girls for Kim’s late father. Anyway, that’s what Kenji Fukimoto, a former cook for the Kim family told rfa.org. Hey, he’s never lied to us.
The point is South Koreans already had enough to worry about. Now here comes news that 20 million South Koreans, roughly half the country’s population, had their credit card data stolen by an IT contractor who works for a company which produces credit scores. The data was subsequently sold to marketing firms. And, subsequent to that, the contractor was arrested as were the managers of the marketing firms.
Early reports suggest that the contractor got hold of the giant trove of data thanks to the access Korea Credit Bureau enjoys to databases run by three big South Korean credit card firms. The contractor stole the data by copying it to a USB stick.
Regulators are now looking into security measures at the three firms – KB Kookmin Card, Lotte Card, and NH Nonghyup Card – to ensure data stays safe. A task force has been set up to investigate the impact of the theft. The three bosses of the credit card firms involved made a public apology for the breach.
In a statement the Financial Services Commission, Korea’s national financial regulator, said: “The credit card firms will cover any financial losses caused to their customers due to the latest accident.”
Another official at the FSC said the data was easy to steal because it was unencrypted and the credit card firms did not know it had been copied until investigators told them about the theft.
This theft of consumer data is just the latest to hit South Korea. In 2012, two hackers were arrested for getting hold of the details of 8.7 million subscribers to KT Mobile. Also, in 2011, details of more than 35 million accounts of South Korean social network Cyworld were exposed in an attack.
Perhaps South Koreans can console themselves with the fact that Dennis Rodman prefers visiting the North. Of course that could always change when he gets out of rehab.
ThreatMetrix secures Web transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 160 million active user accounts, 2,500 customers and 10,000 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.
Posted by Dan Rampe
Tags: Account Takeover, Account Takeover Fraud, Bank Fraud, CNP fraud, Consumer Data, Cookieless Device Identification, Cookies, Credit Card Fraud, Cyber attacks, Data Breach, Device Detection, Device Fingerprint, Device Fingerprinting, Device ID, Device Identification, Fraud Prevention, Hacking, Identity Spoofing, Identity theft, Malware, Malware Detection, Malware Protection, Man-in-the-Browser Detection, MitB, Mobile fraud, Online Fraud, Phishing, Phishing Detection, PII, ThreatMetrix Cybercrime Index, ThreatMetrix Global Trust Intelligence Network, ThreatMetrix Web Fraud Map, TrustDefender Cybercrime Protection Platform, Web Fraud