An IT worker at the Korea Credit Bureau has managed to access and copy 20 million customer credit card details; the company has access to three large databases that hold the credit details of customers of KB Kookmin Card, Lotte Card, and NH Nonghyup Card.
The contractor accessed the databases and copied the information onto a USB stick before selling them to marketing companies to later be sold on. The figure is pretty substantial considering South Korea has a total population of around 50 million.
The unnamed worker has since been arrested and this was when the full scale of the breach was uncovered. The managers at the marketing firms that purchased the data from the contractor have also been arrested.
Bosses from KB Kookmin Card, Lotte Card, and NH Nonghyup Card have made a public apology for the loss of data. The Financial Supervisory service has issued a statement on their website,
The chance of copying credit cards is very slim, as passwords and card validation codes (CVC) were not stolen. If you are concerned about the financial damage from the information leakage, you can ask credit card companies for the change of passwords, or reissuance of credit cards. In addition, you can join identity protection service provided by personal credit ratings firm Korea Credit Bureau (KCB) for free for one year. The service prevents identity theft as KCB checks whether financial companies inquire a consumer’s credit data, by stopping credit inquiries.
This is not the first time South Koreans have been victims of personal data being stolen, in 2012, two South Korean hackers were arrested for taking data from 8.7 million customers at the country's second biggest mobile operator. In 2011 users of the game MapleStory had their details stolen from a database owned by the games developer and in July 2011 users of the South Korean social media site Cyworld also had their details stolen by hackers.
Source: BBC | Image Courtesy of adfsonline