South Korean credit card firms suspended over data breach

South Korean credit card firms suspended over data breach

Summary: Don't protect your customer data? Don't expect to carry on as normal.

SHARE:
credit cnet
Credit: CNET

South Korea's financial watchdog has suspended the activity of three credit-card issuers after the firms failed to prevent a high-profile breach resulting in the theft of data of as many as 104 million cards.

According to the Wall Street Journal, the South Korean Financial Supervisory Commission (FSC) has stopped KB Financial Group, NongHyup Financial Group and retailer Lotte Group from issuing new cards to customers for three months starting on the 16 February. The commission will lift the ban on May 16.

In addition, all three companies will be fined 6 million won ($5,640) for their roles in the breach. It is believed that a temporary employee of the Korea Credit Bureau (KCB), now arrested, stole the data by saving it on a USB stick between October 2012 and December 2013. The former employee then sold this information to phone marketers, of which executives have also been arrested.

Read this

South Korea raises regulatory penalties following massive data leaks

South Korea raises regulatory penalties following massive data leaks

Top execs face dismissal, while financial firms face heavier fines and suspensions as part of proposed measures in the wake of the data breach involving over 20 million credit card customers revealed earlier this week.

The financial data of at least 20 million people was sold to marketing firms after being stolen. As South Korea has one of the highest rates of credit card use -- with adults often owning multiple cards and switching firms for the best deal -- the theft of the personal information of over a quarter of the country's population is no small cybercrime.

The FSC said the companies had "neglected their legal duties of preventing any leakage of customer information," according to the BBC.

As a result of the data breach, which included email and residential addresses as well as I.D. and telephone numbers, the companies have apologized publicly, and some executives have resigned or offered to step down.

Another high-profile breach currently being investigated is the security breach at U.S. retailer Target, where at least 40 million customer records were stolen late last year. Potentially, the data theft was due to a successful phishing campaign which infected the networks of a third-party contractor, which eventually led to the infiltration of Target's point-of-sale systems.

Topics: Security, Data Management

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion