"Could It Be My Information Too?" Massive Leak of Credit and Debit Card Data...Citizens Outraged
Massive Illegal Leak of Card Customer Information Detected
Citizens Concerned About Financial and Personal Data Breach
Police and Financial Supervisory Service Unable to Assess Damage Scope
Card Companies Fined for Leaking Over 100 Million Customer Records
Experts Urge Stricter Punishments to Prevent Recurrence
There is a growing call to strengthen the punishment for crimes related to personal information. Despite a series of information leakage incidents, management remains inadequate, highlighting the urgent need for countermeasures. Photo by Yonhap News
View original image[Asia Economy Reporter Kim Suwan] As it was revealed that financial personal information such as domestic credit and debit card information, bank account numbers, resident registration numbers, and mobile phone numbers were leaked from the seized items of a suspect who attempted to hack a commercial bank's computer network last year, citizens' criticism has poured in.
The controversy has intensified as it is known that the suspect has a prior record of being punished for hacking the POS terminals of card merchants in 2014 and stealing a large amount of credit card information. It is pointed out that if a solid protection system had been established at the time of the customer information leakage incident, this case would not have occurred.
Citizens are criticizing the repeated incidents related to personal information leakage, saying "Isn't this negligence in information management?" and are raising their voices that urgent measures to prevent recurrence are needed.
Experts pointed out that the effectiveness of punishment should be increased to prevent the recurrence of such crimes.
The Seoul Metropolitan Police Agency's Security Investigation Unit announced on the 14th that they obtained two external hard drives during the investigation of additional crimes and accomplices of Lee (42), who was arrested last year on charges of planting malware in Hana Bank's computer network.
The external hard drives have capacities of 1TB and 500GB respectively, and digital forensic results confirmed that a large amount of credit card information was stored through hacking and other means. The 1.5TB capacity is known to be able to hold about 41.2 billion credit card information records.
Among them, Lee is known to have been punished for hacking the POS terminals of card merchants in 2014 and stealing a large amount of credit card information.
As a result, voices are growing that punishment for crimes related to personal information should be strengthened. Although information leakage incidents continue, management is insufficient, so urgent measures are needed.
Office worker Kim (29) said, "It is impossible to take back information that has already been leaked," and added, "There was a similar incident before, but it happened again. Who takes responsibility? It is important personal information, so strengthen the punishment." He also said, "The protection system related to personal information is weak, which is also a problem," and added, "A solid countermeasure is needed so that this does not happen again."
The problem is that it is difficult to specifically identify the leaked data.
The police are expanding the investigation, judging that there are more accomplices involved in this personal information leakage besides Lee, but it is reported that they are having difficulty in analyzing the data content in detail.
Experts pointed out that the government needs to conduct thorough management inspections of companies and institutions handling personal information. Photo by Asia Economy DB
View original imageOn the other hand, while personal information leakage is directly related to individuals' privacy, the punishment has been found to be minimal. Previously, an employee of the credit information company (KCB) illegally collected and distributed a large amount of customer information from three credit card companies?KB Card, Lotte Card, and NH Card?but consumers who participated in a joint lawsuit for damages due to information leakage received only 100,000 won as consolation money.
Also, according to the Financial Supervisory Service's confirmation, card companies were found to have violated obligations to prevent external leakage of customer information, safety compliance obligations, and internal control procedures due to negligence in protecting card members' information, but each card company received a three-month partial business suspension and a fine of 6 million won. Although personal information has a value that cannot be measured in money, awareness of this remains low.
Experts pointed out that the government needs to conduct thorough management inspections of companies and institutions handling personal information. Professor Lee Eunhee of Inha University's Department of Consumer Studies said, "The recurrence of such incidents is due to weak punishment for those who commit related crimes," adding, "Personal information can cause not only individual property loss but also harm to life. Therefore, it must be handled strictly."
She continued, "It is necessary for the government to manage and inspect whether each company has well-established personal information guidelines and whether management processes are being operated legally," she suggested.
Meanwhile, the government plans to implement measures that citizens can feel. The Ministry of the Interior and Safety, the Financial Services Commission, and 48 central administrative agencies have prepared specific plans to protect personal information. The Personal Information Protection Commission (PIPC) held a plenary meeting on the 8th and finalized and approved the '2021 Personal Information Protection Implementation Plan' of the 48 central administrative agencies.
The Personal Information Protection Implementation Plan concretizes the '4th Basic Plan for Personal Information Protection (2021-2023)' established and announced by the PIPC at the government-wide level in February, and includes annual detailed plans by ministry, covering personal information protection policies and system improvements, operation of protection systems, education, and publicity.
Hot Picks Today
!["Rather Than Endure a 1.5 Million KRW Stipend, I'd Rather Earn 500 Million in the U.S." Top Talent from SNU and KAIST Are Leaving [Scientists Are Disappearing] ①](https://cwcontent.asiae.co.kr/asiaresize/93/2026051914165468840_1779167814.png)
"Rather Than Endure a 1.5 Million KRW Stipend, I'd Rather Earn 500 Million in the U.S." Top Talent from SNU and KAIST Are Leaving [Scientists Are Disappearing] ①
- "No Cure Available, Spread Accelerates... Already 105 Dead, American Infected"
- "If That's the Case, Why Not Just Buy Stocks?" ETFs in Name Only, Now 'Semiconductor-Heavy' and a Playground for Short-Term Traders
- "Reporters Who First Revealed Jo Jinwoong's Juvenile Offense History Cleared of Juvenile Act Violation"
- Instead of a National Assembly Profile, Now a 'Carpenter'... Ryu Hojung Says "I Couldn't Do a Body Profile Shoot Twice"
To this end, the PIPC will work on improving personal information protection policies and systems. It will strengthen the management of personal information processing systems, focusing on ministries with a large share of personal information retention and management. On-site inspections of affiliated and subordinate agencies will also be expanded. Furthermore, to respond quickly to personal information infringement incidents, the PIPC will organize response systems and conduct drills by ministry. Additionally, it plans to establish and strengthen management and supervision systems for safe data utilization by supporting data linkage in fields such as health, welfare, and education.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
