South Korean data breach results in 220m records stolen

16 people have been arrested for stealing personal details of half the population

Personal details, relating to half of South Korea's population, have been stolen by hackers, including full names, account names, passwords and resident registration numbers.

The hack was revealed after 16 people were arrested for stealing data from a number of online game and movie ticket sites. They are said to have set up targeted attacks on registration pages of the sites to siphon off the personal details.

In total, 220 million records were stolen and they are said to contain 'personally identifiable' information about 27 million people aged between 15 and 65.

One of the hackers, known only by the name of 'Kim', used an extractor that allowed him to log onto user accounts after they used the sign up page and buy virtual currency using their account. He then managed to sell this virtual currency for a profit of $390,000 (235,000).

Working with an accomplice, Kim also sold information to third parties, including, it's thought, mortgage fraudsters who paid him just 10 won (0.006) for each person's data and people issuing illegal gambling advertising who each paid him 17 pence.

South Korean authorities are still searching to find out how far the data has travelled and are on the lookout for five more people they think were involved in the security breach.

This isn't the biggest data breach seen by South Koreans, though. In 2011, 35 million people (70 per cent of the population) had their details stolen when a Cyworld, a South Korean social network and Nate, a search engine, was hacked.

Earlier this year, 20 million South Koreans had their registration numbers stolen when an employee of the Korea Credit Bureau stole details of residents.

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
EU plans to launch bloc-wide cyber task force
cyber attacks

EU plans to launch bloc-wide cyber task force

22 Jun 2021
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

16 Jun 2021