[Newsmaker] Weak security for Korean credit cards

By Korea Herald

Major firms fall victim to another massive breach of personal data

  • Published : Jan 20, 2014 - 19:57
  • Updated : Jan 20, 2014 - 19:57
Customers wait to have their credit cards reissued to prevent losses from a leak of personal information at the Lotte Card Center in a branch of Lotte Department Store in Seoul on Monday. (Yonhap News)

The country’s credit cards firms are facing their worst crisis on record with people rushing to cancel accounts following yet another massive data leak scandal.

Data breaches of various scales have been uncovered recently and banks here have been raising their security measures to protect customers’ data.

Yet, this time some of the major credit card firms, such as KB Kookmin Card, Nonghyup and Lotte Card, have fallen victim to data breaches.

The prosecutors looking into the case announced that the personal data of at least 10-17 million bank and credit cards holders has been leaked, making it the largest data breach case ever reported here.

That means data on a majority of credit card holders ― there are reportedly some 20 million card users in Korea ― or nearly one-fifth of the total population, was leaked, suggesting that card firms’ data protection systems are obviously not working properly.

The concern is not only the size of the breach, but also the sensitivity of the leaked data. According to the prosecutors, more than 10 kinds of personal information, including bank account numbers, phone numbers, home and office addresses and also credit cards numbers ― as many of 104 million pieces of data ― were leaked.

Some victims were not even credit card holders, suggesting that the credit card firms’ trading partners and affiliated banks were also linked to the massive data breach.

Experts say that a more worrying sign is that the majority of financial firms here were not even aware of the leaks for nearly one year, until the prosecution began the recent investigation.

Prime Minister Chung Hong-won on Monday called for the financial regulators to step up security measures for data protection and to strengthen punishment against those involved in data breaches as a preventive measure.

And the Financial Supervisory Service said it would widen its investigation into banks and credit card firms across the country to prevent further damage.

Despite the announcement, customers rushed into their banks on Monday to cancel their credit cards due to concerns about secondary damages, such as malicious spam texts or phishing emails and financial fraud.

“We feel like we’re walking through a minefield because we can’t predict where, when and who’s involved in the wrongdoing,” a chief executive of major banking group told The Korea Herald.

By Oh Kyu-wook (