South Korea's financial regulator said Friday that three card firms will have their businesses suspended for three months starting next week as punishment for a recent massive data breach.

Last month, the Financial Services Commission (FSC) revealed that some 20 million clients' personal data, including bank account numbers, addresses and credit ratings, had been leaked from three credit card firms -- KB Kookmin, NH Nonghyup and Lotte. 

There was also a breach at a bank that shared its customer data with its affiliated credit card firm, according to the regulator.

The punitive measure against the three card firms, to be effective starting Monday, is the first of its kind in 10 years after a credit card fiasco erupted in 2003. 

Under the discipline, the three firms will be banned from attracting new clients, but the service for existing customers, including card settlement and card reissuance, will remain intact. 

Top executives of the three firms will be punished as well, taking responsibility for the largest-ever data leak, according to the regulator.

Following the data leak, the government has been working to revise bills on personal information protection. One possible measure is ordering phone operators to block lines used in illegal financial marketing activities and financial frauds, known as"voice phishing."  

The country has been battling financial crimes carried out through phones, but investigators and regulators have been unable to catch up with scam methods that are becoming more and more sophisticated in conning unsuspecting citizens into giving up their personal information.

Also, the financial regulator is pushing to strengthen monitoring of staff at financial companies and their contractors involved in customer data management, and bar financial firms from sharing client data with their affiliates beyond a set limit. (Yonhap)