Sign in. It’s quick, free and it’s up to you.
An account is an optional way to support the work we do. Find out more.
TENS OF THOUSANDS of South Koreans flooded banks and call centres Tuesday to cancel credit cards following the unprecedented theft of the personal data of at least 20 million people.
Since Monday, more than 1.15 million victims of the country’s largest-ever leak of private financial information have cancelled their credit cards permanently or requested new ones, according to the Financial Supervisory Service (FSS).
The panic has its roots in the arrest earlier this month of an employee from personal credit ratings firm Korea Credit Bureau, on charges of stealing and selling data from customers of three credit card firms while working as a temporary consultant.
Overwhelmed
On Sunday, financial regulators announced that at least 20 million people – in a country of 50 million – had been victims of the data theft.
The data stolen from the internal servers of KB Kookmin Card, Lotte Card and NH Nonghyup Card included names, social security numbers, phone numbers, e-mail addresses, credit card numbers and expiration dates.
The three firms deployed thousands of extra workers to branches and call centres to handle the complaints and cancellations that poured in when the extent of the scam became apparent.
“We’ve been totally overwhelmed for the past two days,” said one official at KB Kookmin Card.
Social networking sites and major internet portals were deluged with complaints about the long wait at bank branches and problems with paralysed websites and call centres.
“I tried the call centre for more than six hours with no success, and eventually had to go to the bank to wait nearly an hour to cancel my credit card,” said one NH Nonghyup customer.
“I’m at Lotte Card (office) to cancel my card. They say I have to wait six hours!” tweeted another angry customer, @casiopea1027.
All special call centres run by the three firms were busy Tuesday and some of their websites could not be accessed at all.
Investigations
Dozens of their top executives have tendered their resignations, while the government is expected to announce special measures aimed at preventing a similar crisis in the future.
Regulators have launched investigations into security measures at the affected firms.
“We will hold them fully responsible for the data leak if their sharing of client data among affiliates and lax internal control turn out to be the cause,” FSS chief Choi Soo-Hyun was quoted as saying by Yonhap news agency.
President Park Geun-Hye has called for strong punitive measures against those responsible for the data theft amid growing concerns among customers that their information could fall into the hands of scammers.
The three firms have said they would fully cover financial losses if their customers fell victim to scams related to the latest data theft.
Official data showed more than nine million clients have logged on to the websites of the three firms to check whether their personal information was stolen.
Many major South Korean companies have seen customers’ data leaked in recent years, either by hacking attacks or their own employees.
An employee of Citibank Korea was arrested last month for stealing the personal data of 34,000 customers.
In 2012 two South Korean hackers were arrested for stealing the data of 8.7 million customers at the nation’s second-biggest mobile operator.
In November 2011 Seoul’s top games developer Nexon saw the personal information on 13 million users of its popular online game MapleStory stolen by hackers.
In July the same year, personal data from 35 million users of Cyworld – the South’s social networking site – was stolen by hackers.
To embed this post, copy the code below on your site
We really have to get data protection sorted. Nowadays people keep almost everything on the cloud.
How can you keep something on a cloud?
You can keep water in a cloud
Cloud computing ya pair of clowns
My mammy says my head is often in the clouds.
20 million people is the vast majority of Korea’s adult population!
So when South Koreans ring a call centre does that mean the call centre is in India? Just saying like
I wonder if their northern counterparts are to blame? State sanctioned hacking is nothing new to them.
Read the article, not a hack, rather an employee stealing and selling the data
I’ve read it, considering its scale, I’m simply speculating. They have a track record of such data theft (which has generally been done through hacking). These guys are at war so such tactics would be hardly surprising. I’m speculating of course, the root of this will probably not come to front, especially not in this article.
There’s really not a lot that can be done for physical theft of data i.e plugging in a USB drive and walking off with it. Edward snowden did it,Bradley manning, it’s very hard to protect against, unless every one is searched on the way out and USB drives confiscated.
It’s actually very easy to protect against it but most organisations just don’t implement a device control solution.
You’re dead right Barry, USB drives and CD/DVD writers, which by the way is what Bradley Manning used, can be disabled, and should be, in any organisation that uses sensitive information.
have your say