January 26, 2014
Cybercrooks Score: Half of All South Koreans’ Credit Card Data
If you didn’t know, now you know: there probably shouldn’t be any expectation that credit card information—or any personal details stored in digital form—is completely safe from hackers. Just as shoppers in the United States were grappling with the theft of 70 million credit card accounts from Target, comes word that credit card data for nearly half of all South Koreans has been purloined. More than 20 million South Korean credit card accounts, including those belonging to President Park Geun-hye and United Nations Secretary-General Ban Ki-moon, were part of the trove plundered in the cyberheist.
The data—including names, identification numbers, income, marriage and passport numbers—was stolen by a computer contractor working for the Korea Credit Bureau, a firm that computes credit scores for consumers and businesses. Ironically, the contractor was ostensibly there working on a project aimed at helping to make credit cards forgery-proof. But from what investigators have been able to piece together, the technician took advantage of the access the credit bureau has to databases run by KB Kookmin Card, Lotte Card, and NH Nonghyup Card, three of the nation’s leading credit card issuers. In February, June, and December 2013, the contractor simply downloaded data to a USB stick and walked out with it. Bad as that easy access was, what’s worse is the fact that the data was unencrypted. Worse still was that the credit card firms didn’t even realize that the information had been copied until investigators pulled the wool from over their eyes.
The entrepreneurial hacker immediately turned the cache into cash; according to officials at the Financial Supervisory Service (FSS), he sold the information to a couple of people, including a loan marketer and a broker. Details regarding the caper began to come out when the contractor and one of the people to whom he sold the data were arrested.
The three companies whose databases were copied issued public apologies and assured the public that steps are being taken to shore up security. Cho Yeon-haeng, president of Korea Finance Consumer Federation, a customer rights group, told Reuters that, “What is needed is stopping repercussions by re-issuing all the affected credit cards.”
Meanwhile, the Financial Services Commission, the country's national financial regulator, issued a statement saying that the credit card firms will cover any financial losses related to the incident. But that hasn’t stopped consumers from filing lawsuits against the credit card companies because of the security lapse. A class-action lawsuit was filed on Monday, one day after the FSS revealed the extent of the data theft.
The above statements do not represent those of Weston Legal or Michael Weston and they have not been reviewed for accuracy. The statements have been published by a third party and are being linked to by our website only because they contain information relating to debt. Nothing in this article should be construed as legal advice given by Weston Legal or Michael Weston. To view the source of the article, please following the link to the website that published the article. Articles written by Michael W. Weston can be viewed here: To report any problem with this article please email firstname.lastname@example.org