The security problems for credit card users in South Korea continues to take a toll on consumers and the country’s credit card industry. Yonhap News Agency is reporting yet another data leak involving credit card firms. This time, it’s reportedly 100,000 people who use Shinhan, Kookmin, NongHyup credit cards and Kwangju Bank.
This is not the first leak for Kookmin and NongHyup, who had been hit with a three-month suspension of new signups by the financial regulator for previous leaks, but it is the first report for Shinhan. Previous coverage of the Kookmin and NongHyup leaks are linked from here.
According to Yonhap:
The discovery was made during an investigation of a group of hackers that had penetrated the storage server of a point-of-sale (POS) company and stole 3.2 million pieces of credit card usage records. A POS device, which includes a debit and credit card reader, collects user names, contacts, credit card numbers and other confidential information for transactions in money and goods.
The hackers allegedly obtained passwords of OK Cashbag card, a widely used mileage card, and withdrew some 102 million won (US$115,108) from credit cards, investigators said, knowing that many use the same passwords for all their cards.
The FSS said it has ordered companies using the POS system to install security programs on every device. Less than half of some 350,000 POS devices used across the country are equipped with such software, it said.
Read more on Global Post.
Updated: Reuters reported that it’s 200,000 affected. I’m not sure which number is correct and don’t see any statement on FSS’s website at this time that might resolve it.