Illegal Personal Information Trading Continues... 'One-Stop' Trading System
Used for Crimes Including Spam Text Messages
Experts "Investigative Agencies Must Respond Proactively"

Seller of 'Corona List' Caught... But Illegal Personal Data Trading Continues View original image

[Asia Economy Reporters Song Seung-yoon and Lee Jung-yoon] An operator who distributed a database (DB) of 7 million personal information records, commonly known as the 'Corona List,' was arrested by the police(See Asia Economy, 23rd edition, page 10, 'Corona List Seller Finally Caught'), but crimes involving illegal acquisition and distribution of personal information are still rampant.


Secure messengers like Telegram serve as channels, and in the underground market, buyers, sellers, and intermediaries are connected, forming a distribution market where transactions take place in one place. Those who want the DB can easily obtain personal information with just one search if they wish. On Telegram, there are even group promotion rooms where operators gather. Hundreds of illegal DB sales promotion posts are uploaded daily in these rooms.


DB buyers mainly seek personal information for purposes such as recruiting members or loan solicitation. They intend to conduct telemarketing or send spam messages to unspecified large groups. For this reason, the types of DBs vary widely. Examples include 'Toto DB' based on illegal gambling site registration information and 'Fishing Club DB' containing fishing cafe member information. These DBs are traded at prices ranging from as low as 10 won to several hundred won per record, depending on accuracy and content. As seen in the case of the distributed 'Corona List DB,' many sellers fabricate false information to attract buyers.


The problem is that once personal information is distributed like this, it keeps circulating from one person to another. Once leaked, it is difficult to reverse, and it is not easy to identify the amount and routes of leakage. The leaked personal information is often combined with other information to be reproduced and traded again.


While some resell DBs obtained from others, like the Corona List sellers, many cases involve stealing personal information through hacking. The Personal Information Protection Commission recently announced that after acquiring and analyzing illegal personal information DBs from overseas websites sharing leaked personal data due to hacking, about 23.46 million records were leaked from 1,362 domestic websites. After personal DB transactions between individuals, other types of damages also occur. Typical examples include using illegally obtained DBs for voice phishing crimes or scams where payment is received but the DB is not delivered. According to the Personal Information Protection Commission, there were 37,667 cases of voice phishing related to personal information leaks last year, with damages amounting to 639.8 billion won.

On the 8th, when social distancing level 2.5 was in effect due to the spread of the novel coronavirus disease (COVID-19), an electronic entry log notice related to COVID-19 prevention was installed at CGV Yongsan I'Park Mall in Seoul. Photo by Moon Honam munonam@

On the 8th, when social distancing level 2.5 was in effect due to the spread of the novel coronavirus disease (COVID-19), an electronic entry log notice related to COVID-19 prevention was installed at CGV Yongsan I'Park Mall in Seoul. Photo by Moon Honam munonam@

View original image

The police, the Korea Communications Commission, and the Korea Internet & Security Agency continuously conduct crackdowns on illegal acquisition, trade, and distribution of personal information, but eradication remains difficult. Since damages often do not become visible, such crimes are not as actively pursued compared to similar types of offenses. This is especially true for personal transactions rather than hacking-related personal information theft cases.


Experts warn that illegal distribution of personal information can serve as a foundation for various crimes. Professor Lim Jong-in of Korea University Graduate School of Information Security said, "Spam messages and phishing crimes using illegally distributed personal information are at a serious level," adding, "There are many cases where youths are approached and lured into participating in sex trafficking and phishing crimes."


Professor Yeom Heung-yeol of Soonchunhyang University’s Department of Information Security also stated, "Because personal information has become valuable, crimes involving hacking or insider leaks, as well as secondary crimes using this information, are widespread," and emphasized, "Along with strengthening punishments for illegal DB sellers, investigative agencies such as the police need to proactively respond to these illegal personal information trades."


Hot Picks Today

"Samsung and Hynix Were Once for the Underachievers"... Hyundai Motor Employee's Lament "Samsung and Hynix Were Once for the Underachievers"... Hyundai Motor Employee's Lament

A police official said, "Since large-scale personal information leaks directly lead to fraud crimes, we are strictly responding to this in cooperation with the Personal Information Protection Commission," and added, "During the special intensive crackdown on fraud crimes starting early next year, we plan to conduct crackdowns on such activities as well."


한글 기사 보기
This content was produced with the assistance of AI translation services.

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.

Today’s Briefing