Hack Attack In South Korea Gets Access To Data On Over 70% Of Everyone In The Country

from the hacked dept

We've talked about some massive data breaches in the past, but a recent hack attack in South Korea apparently resulted in personal information on 35 million people being copied. The country has a population somewhere around 49 million... meaning that over 70% of South Koreans had their personal info copied by someone. Authorities are blaming China, though it's not clear if that's really the case. Either way, whoever did the hack got "user IDs, passwords, social security numbers, names, mobile phone numbers and email addresses." At least the SSNs and passwords were encrypted, so it's not quite as bad as it could have been. But it basically sounds like if you have internet access in South Korea, someone probably got your data.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    blaktron (profile), Jul 29th, 2011 @ 3:47pm

    We sure do need more data retention, don't want to make it TOO hard for the scammers....

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Jul 29th, 2011 @ 4:18pm

    South Korea uses SSN's too?

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Jul 29th, 2011 @ 4:25pm

    Re:

    Those were 35 million of US citizens visiting :)

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Jul 29th, 2011 @ 4:28pm

    > Hackers purportedly attacked popular Internet and social media sites Nate and Cyworld earlier this week, stealing data such as social security numbers and email addresses

    Why the hell would social media site have your SSN?

    > alleged the attack originated from computers in China based on their Internet Protocol addresses

    Um... How does that indicate the attacker, again? China is the #1 favorite location for bounce boxes (i.e. hacked computers you SSH to and use *them* to do the hacking, so to cover your traces).

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Hothmonster, Jul 29th, 2011 @ 4:39pm

    I cant wait till our isps are holding all that info in a nice little package too

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Liz, Jul 29th, 2011 @ 4:58pm

    Re:

    South Korea uses SSN's too?


    A lot of services online can't be used unless you have a SSN in South Korea. From banking to video games. It's one way for them to ensure that their systems accept only regional access or restrict access to their citizens.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Jul 29th, 2011 @ 6:04pm

    Re:

    And THAT is the worst part of the shameful bill rammed through today. It's inevitable that information like this will be acquired by third parties. So put aside for a moment the worries about what government will do with it: imagine what blackmailers, pedophiles, identity thieves will do with it.

    And they WILL get it. It has value, therefore someone will be willing to hack it for the right price.

    We need data protection laws that stipulate the death penalty for those who fail. That's the only thing that will convince people to put adequate security in place.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Jul 29th, 2011 @ 7:38pm

    Re:

    Korea's version of the SSN, the Resident Registration Number, is required to apply for many services available on the internet to Koreans. It would actually be very uncommon by Korean standards for a social network not to require a RRN for registration.

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    The eejit (profile), Jul 29th, 2011 @ 11:49pm

    Re: Re:

    I wouldn't say the death penalty, but a fine appropriate to your size. So if, say, Sony had a breach nd didn't tell you about it, they'd lose $40m. But if a small business lost it, they would only be fined a few g's.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Jul 30th, 2011 @ 3:04am

    Re: Re: Re:

    $40M to Sony? Insignificant. Besides, they'd fight it in court, spending $100M if necessary to avoid paying it.

    No, I would prefer to see the CEO publicly beheaded as punishment for the breaches. I think that would "inspire" them to work just a little harder to keep data private.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymous Coward, Jul 30th, 2011 @ 7:28pm

    Re:

    VPN

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Billy, Aug 24th, 2011 @ 7:40am

    Re: SSN's

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This