A Hyundai Capital data breach disclosed in April is resulting in consequences from South Korea’s financial regulator. Yonhap News Agency reports:
South Korea’s financial regulator decided Wednesday to punish Hyundai Capital Services Inc. for lax computer system maintenance, which led to a major hacking attack at the biggest local consumer finance firm.
The Financial Supervisory Service (FSS) launched an inspection into Hyundai Capital on April 11 after a hacker broke into Hyundai Capital between March 6 and April 7, stole personal customer information and demanded cash from the company, threatening to leak it on the Internet.
Holding Hyundai Capital accountable for negligence in computer system security management, the FSS will submit the case to its disciplinary decision committee to decide on the punishment for Hyundai Capital and its executives, according to the regulator.
The FSS said data on 1.75 million Hyundai Capital customers was leaked during the attack, in which the hacker implanted a malicious program on the company’s computer server and was able to download the personal data, more than the 420,000 customers initially stated by Hyundai Capital.
Read more on Yonhap News Agency.
It will be interesting to see what the consequences are to Hyundai, as the regulator is also apparently considering whether to penalize Chung Tae-young, the CEO of Hyundai Capital. Can you imagine if corporate heads in the U.S. were penalized personally for a data breach or lax security? Wow…
Two suspects in the hacking incident were arrested in April.
Carousel photo credit: Bloomberg News
As a Korean, I should point out that these penalties generally tend to be a slap on the wrist or eventually suspended because those involved are “too important for Korea”. Such is the nature of those working for the Korean “chaebol”.
Even if massive fines are imposed, more often than not these “fines” are paid out to charitable organizations that are somehow tied to the heads being penalised. When it’s a charity not related to the person, it’s used as a PR stunt — “hey, look, we’re doing good deeds”!
While corporate heads getting away with stuff in the US might seem egregious, an even worse situation lies where those penalised are not really penalised, masked behind a show meant to castigate and protect those who instigate such reprehensible beahviour.
If you need proof, look up Samsung’s former CEO’s slush fund scandal as an example. Tax evasion, corporate nepotism, bribery, corruption, stock manipulation, and more. The end result is a suspended 3-year sentence because the “crimes are not serious enough for incarceration”; a presidential pardon (his second one in his lifetime. The current President of Korean used to be the head of Hyundai); reinstatement as Samsung CEO without approval of the board (which he essentially owns). The end result at Samsung is not too far off the mark from what happens with heads at other chaebol.
I’m afraid that in the proclamation above, there is less (much less) to what meets the eye. Wow, indeed.
Thank you so much for sharing your perspective, however much it just depressed me. ;p