Digital Identity Blog

Thought leadership for cybersecurity, fraud and digital channel professionals

One Out of Every Two South Koreans Had Their Names, Social Security Numbers and Credit Card Details Compromised by a Computer Contractor

By ThreatMetrix
ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,000 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches.
Follow ThreatMetrix ThreatMetrix's Most Recent Posts:

It’s not easy being a citizen of South Korea. The nation is under constant threat of nuclear annihilation or blackmail by North Korea’s enigmatic, possibly unstable, strange and dangerous leader, Kim Jong-un. Just ask his uncle, Jang SongThaek. Well, you can’t really. You see Kim had him executed purportedly for procuring teenage girls for Kim’s late father. Anyway, that’s what Kenji Fukimoto, a former cook for the Kim family told Hey, he’s never lied to us.

The point is South Koreans already had enough to worry about. Now here comes news that 20 million South Koreans, roughly half the country’s population, had their credit card data stolen by an IT contractor who works for a company which produces credit scores. The data was subsequently sold to marketing firms. And, subsequent to that, the contractor was arrested as were the managers of the marketing firms. reports:

Early reports suggest that the contractor got hold of the giant trove of data thanks to the access Korea Credit Bureau enjoys to databases run by three big South Korean credit card firms. The contractor stole the data by copying it to a USB stick.

Regulators are now looking into security measures at the three firms – KB Kookmin Card, Lotte Card, and NH Nonghyup Card – to ensure data stays safe. A task force has been set up to investigate the impact of the theft. The three bosses of the credit card firms involved made a public apology for the breach.

In a statement the Financial Services Commission, Korea’s national financial regulator, said: “The credit card firms will cover any financial losses caused to their customers due to the latest accident.”

Another official at the FSC said the data was easy to steal because it was unencrypted and the credit card firms did not know it had been copied until investigators told them about the theft.

This theft of consumer data is just the latest to hit South Korea. In 2012, two hackers were arrested for getting hold of the details of 8.7 million subscribers to KT Mobile. Also, in 2011, details of more than 35 million accounts of South Korean social network Cyworld were exposed in an attack.

Perhaps South Koreans can console themselves with the fact that Dennis Rodman prefers visiting the North. Of course that could always change when he gets out of rehab.

By ThreatMetrix Posted