Kim Ji-hyun reports that criticism of Samsung Card is starting to pile up following its recent breach disclosure following an insider data leak:
Samsung Card, one of the nation’s leading credit card companies, is under fire for trying to downplay the leak of clients’ personal information as concerns mount over the frequent exposure of such data online in the world’s most wired country.
Though Samsung Card had reason to believe that data of up to 800,000 clients may have been compromised after an employee allegedly extracted their personal information, the credit card firm initially gave a much smaller number of clients in its initial report.
Samsung Card alerted the Financial Supervisory Service and the police last month that the data of 18,000 customers had been leaked, but this was was after it had already secured a statement from an employee at its marketing department, identified by his surname “Park,” who said he illegally retrieved the information of 800,000 clients.
Samsung Card said it first discovered Park’s irregularities on Aug. 25 as it was checking its data security system.
It reported to the financial regulator three days later, and then the police on Aug. 30.
Addressing the snowballing criticism about its attempts to downplay the violation, Samsung Card said it tried to get to the bottom of the issue on its own but failed.
This, it said was why it “belatedly” notified the authorities and enlisted their assistance.
Read more on Asia One.
Frustratingly, it’s still not even clear what data were involved or what the employee allegedly did with the data. The news story reports:
“We are yet uncertain of exactly what kind of information has been leaked, but we understand that the first two digits of residence numbers, the names, companies and mobile phone numbers were exposed,” Samsung Card said in a statement posted on its website apologizing for the incident.
Stay tuned, I guess…