That latest data breach in South Korea is causing waves there, with estimates that 15-20 million have been affected by an insider breach at the Korea Credit Bureau:
Worried Koreans on Tuesday packed into branches of one of the banks hit by the theft to ensure their money was safe, while lawyers said 130 people joined a class action suit against their credit card providers in what is expected to be the first of multiple litigations.
[…]
Financial regulators said a contractor with the Korea Credit Bureau, a private firm that manages the credit information of millions of Koreans for financial services providers, simply loaded details of 105.8 million accounts held by KB Kookmin Card Co Ltd, Lotte Card Co Ltd and NH Nonghyup Card onto a portable hard drive.
The technician was allegedly working on forgery-proofing credit cards when he committed the theft in February, June and December last year, according to regulator Financial Supervisory Service (FSS), citing the prosecutor’s office leading the investigation. The man then sold the information to at least two people including a loan marketer and a broker, the FSS said. The contractor and at least one other person have been arrested.
Read more on DNA from Seoul Reuters.
The Financial Times reports that so far, three dozen financial executives have resigned in disgrace over the breach and over 500,000 people have cancelled their credit cards since the breach was announced last week.
The Financial Supervisory Service, South Korea’s regulatory agency, has issued advice for worried cardholders:
The chance of copying credit cards is very slim, as passwords and card validation codes (CVC) were not stolen. If you are concerned about the financial damage from the information leakage, you can ask credit card companies for the change of passwords, or reissuance of credit cards. In addition, you can join identity protection service provided by personal credit ratings firm Korea Credit Bureau (KCB) for free for one year. The service prevents identity theft as KCB checks whether financial companies inquire a consumer’s credit data, by stopping credit inquiries.
Consumers who concern about any financial losses at overseas merchants can register with credit card companies for the departure confirmation system. It can prevent fraudulent payments of credit cards by checking whether a cardholder stays in Korea at the point of approval of overseas card transaction.
In addition, you can ask credit companies to stop newly issuing credit cards in order to prevent fraudulent issuance of credit cards using stolen identities. You can use the existing cards, while stopping issuance of new ones.
You can read FSS’s full guidance here.