Massive Data Breach Compromises Personal Information of Millions in South Korea
A significant data breach has exposed the personal information of over 27 million individuals in South Korea, affecting more than half of the country’s 50 million population aged 15 to 65. The breach came to light following the arrest of 16 individuals involved in the theft of approximately 220 million records from various online gaming companies, ringtone outlets, and movie ticket sales platforms.
Authorities revealed that the compromised data included sensitive information such as full names, account usernames, passwords, and resident registration numbers. This alarming breach underscores the precariousness of personal security in an increasingly connected digital landscape, particularly in regions where online gaming is highly popular.
Among those apprehended, a 24-year-old man identified only as ‘Kim’ was charged with acquiring and monetizing the entirety of the stolen information. Allegedly, he sourced this data from a Chinese hacker whom he initially met through an online gaming platform in 2011, further exemplifying the cross-border nature of cybercrime today. Investigations suggest that the breach led to secondary damages estimated at nearly $2 million, with Kim reportedly hacking into six online video games, siphoning off almost $400,000 worth of in-game assets through the use of this stolen data. He is also alleged to have funneled a portion of these funds back to the original hacker.
The stolen information was traded at rates ranging from $0.001 to $20 per record. Police indicated that the data found its way into the hands of fraudsters, including mortgage scammers and illegal gambling advertisers, who exploited it to deceive hundreds of South Koreans between 2012 and 2013. The nature of the stolen data facilitated identity theft, allowing criminals to infiltrate online gaming accounts and abscond with in-game currencies and assets, which were then resold at premium rates.
Authorities suspect that the hackers employed a tactic known as “information extraction” to gain access to user accounts. This suggests a potential use of techniques categorized under the MITRE ATT&CK framework, particularly initial access methods that involve exploiting online game vulnerabilities. Investigators are zeroing in on how the information circulated post-breach and are pursuing additional suspects, including the original Chinese hacker.
While this breach is notably severe, it is not unprecedented for South Korean internet users. In 2011, a massive breach exposed data for 35 million individuals following a cyber intrusion into the South Korean Cyworld and Nate portal databases. Moreover, in another incident this year, 20 million South Koreans were affected by a breach linked to a former employee of Korea Credit Bureau, who illicitly copied personal information onto an external drive over an extended period.
This incident serves as a stark reminder of the ever-present risks in the digital age. Business owners must remain vigilant against such breaches, leveraging cybersecurity best practices to safeguard sensitive data from increasingly sophisticated cyber threats.