South Korean police say they have arrested two malicious hackers that obtained personal details of 8.7 million KT mobile customers and on-selling the data to telemarketing firms.
The police accuse the pair of earning one billion won, which sounds a lot more than the roughly $US800,000 it converts to, in the scam. The data theft took place between February this year and early this month, when KT detected signs of intrusion on their networks.
Seven individuals have been charged over buying the data, according to AFP.
In the kind of apology you never get from Western companies suffering data breaches (or, for that matter, repeatedly and egregiously breaching their customers’ privacy – we know who we’re talking about), KT issued a statement to customers saying that “We deeply bow our head in apology” for the leaks.
This may, however, reflect KT’s humiliation at being still vulnerable to data leaks, following last year’s attack in which KT’s Cyworld social network site and Nate Web portal were infiltrated and personal data of 35 million customers copied. That attack was blamed on Chinese intruders.
Other major attacks on South Korean sites included a breach at game developer Nexon (13 million customers exposed), and retailer Shinsegae along with 24 other companies (20 million customers exposed). ®