A massive hacking incident that hammered SK Communications, which runs popular social network site Cyworld and the third-ranked portal Nate.com, is now exposing additional security loopholes at other IT companies.
Police said the ESTsoft server might have been used by a hacker who stole the personal information of SK’s 35 million users. ESTsoft is none other than a security solution provider which offers popular antivirus software to corporate clients and general users.
The fact that the antivirus developer’s system was used for getting into the tightly guarded client information database came as a shock to the industry.
The newly discovered loophole also raised another issue that could possibly lead to a flurry of security fixes at major portal service providers. NHN, which runs Naver.com, is said to have asked its employees to remove any unauthorized ESTsoft’s antivirus programs at their PCs.
NHN’s move confirms the widespread doubt that the country’s major portals, which manage a huge database of users, might have be exposed to hacking attacks, just as illustrated by the latest onslaught of SK Communications.
ESTsoft said its programs for corporate clients do not have any security issues, stressing that NHN just took action against an installation of a program designed for ordinary users, not corporate customers.
SK Communications, a unit of the SK Group whose affiliates include top mobile operator SK Telecom, said on July 28 that a personal information leak has been confirmed concerning its 35 million online members.
The scale of the hacking, which SK said seems to be linked to a malicious virus attack from China, is the biggest ever in Korea.
By Yang Sung-jin (email@example.com