The Korea Herald


Data leaks involve more firms

Prudential Life allowed U.S. headquarters to access data without consumer consent, says FSS

By Kim Yon-se

Published : Feb. 3, 2014 - 19:51

    • Link copied

The headquarters of Prudential Financial Inc. in Newark, New Jersey. (Bloomberg) The headquarters of Prudential Financial Inc. in Newark, New Jersey. (Bloomberg)

Financial regulators have revealed a consumer data leak at a foreign-controlled insurance company, showing that more financial firms were involved in the scandal that has left the nation wracked with concerns over security breaches.

Some employees of Prudential Life Insurance Company of Korea were found to have been engaged in leaking the personal information of up to 51 policyholders, according to the Financial Supervisory Service on Monday.

“Prudential Life Korea was found to have allowed outside persons to access and refer to the data without the approval of the policyholders,” an FSS official said. “The practice is a critical breach of related regulations.”

A spokesman for Prudential Life said the U.S. headquarters had accessed the information to check whether the Korean unit was properly collecting insurance premiums. The spokesman denied that the process was a data leak.

Meanwhile, at an insurance company jointly owned by U.K. and Korean financial companies, the regulatory inspectors at the FSS uncovered a cyber system glitch.

“Woori Aviva Life Insurance’s network system was paralyzed for nine hours last year,” said an official.

The FSS also said it found irregular data sharing between Kookmin affiliates.

Between 2011 and 2012, KB Life Insurance offered KB Kookmin Card kickbacks worth 9.4 billion won ($8.5 million) in exchange for receiving a personal data list from the credit card affiliate. Exploiting the list, KB Life attracted about 60,000 contracts, the FSS said.

The first-tier banking industry has also become a main scrutiny target of regulators. The FSS said it has launched a probe into some commercial banks, adding that it has recently found that Shinhan, Woori and Hana were found to have collectively lost the private information of 103,000 of their clients.

The incident comes after the prosecution announced that there had been 137,000 cases of data breaches at two of the nation’s major foreign-owned banks ― Citibank Korea and Standard Chartered Bank Korea.

Some of the stolen information was found to have contained private data such as whether consumers fulfilled their mandatory military conscription and information on their families.

Others included the customers’ credit score, the ceiling set on their monthly credit card use, marital status and whether they owned automobiles.

Over the past few years, the financial industry has come under severe criticism due to a series of financial accidents. Among the firms that lost personal information were Hyundai Capital, Samsung Card, Hana SK Card and NongHyup Financial Group.

Officials estimated that the number of victims of the leakage at the three card firms ― KB Kookmin, Lotte and NongHyup ― reached 15 million, which is equivalent to 70 percent of the nation’s total cardholders.

By Kim Yon-se (