Hack Attack In South Korea Gets Access To Data On Over 70% Of Everyone In The Country

from the hacked dept

We've talked about some massive data breaches in the past, but a recent hack attack in South Korea apparently resulted in personal information on 35 million people being copied. The country has a population somewhere around 49 million... meaning that over 70% of South Koreans had their personal info copied by someone. Authorities are blaming China, though it's not clear if that's really the case. Either way, whoever did the hack got "user IDs, passwords, social security numbers, names, mobile phone numbers and email addresses." At least the SSNs and passwords were encrypted, so it's not quite as bad as it could have been. But it basically sounds like if you have internet access in South Korea, someone probably got your data.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: data, hack, personal information, south korea


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    blaktron (profile), 29 Jul 2011 @ 3:47pm

    We sure do need more data retention, don't want to make it TOO hard for the scammers....

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Jul 2011 @ 4:18pm

    South Korea uses SSN's too?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Jul 2011 @ 4:28pm

    > Hackers purportedly attacked popular Internet and social media sites Nate and Cyworld earlier this week, stealing data such as social security numbers and email addresses

    Why the hell would social media site have your SSN?

    > alleged the attack originated from computers in China based on their Internet Protocol addresses

    Um... How does that indicate the attacker, again? China is the #1 favorite location for bounce boxes (i.e. hacked computers you SSH to and use *them* to do the hacking, so to cover your traces).

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 29 Jul 2011 @ 7:38pm

      Re:

      Korea's version of the SSN, the Resident Registration Number, is required to apply for many services available on the internet to Koreans. It would actually be very uncommon by Korean standards for a social network not to require a RRN for registration.

      link to this | view in chronology ]

  • identicon
    Hothmonster, 29 Jul 2011 @ 4:39pm

    I cant wait till our isps are holding all that info in a nice little package too

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 29 Jul 2011 @ 6:04pm

      Re:

      And THAT is the worst part of the shameful bill rammed through today. It's inevitable that information like this will be acquired by third parties. So put aside for a moment the worries about what government will do with it: imagine what blackmailers, pedophiles, identity thieves will do with it.

      And they WILL get it. It has value, therefore someone will be willing to hack it for the right price.

      We need data protection laws that stipulate the death penalty for those who fail. That's the only thing that will convince people to put adequate security in place.

      link to this | view in chronology ]

      • icon
        The eejit (profile), 29 Jul 2011 @ 11:49pm

        Re: Re:

        I wouldn't say the death penalty, but a fine appropriate to your size. So if, say, Sony had a breach nd didn't tell you about it, they'd lose $40m. But if a small business lost it, they would only be fined a few g's.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 30 Jul 2011 @ 3:04am

          Re: Re: Re:

          $40M to Sony? Insignificant. Besides, they'd fight it in court, spending $100M if necessary to avoid paying it.

          No, I would prefer to see the CEO publicly beheaded as punishment for the breaches. I think that would "inspire" them to work just a little harder to keep data private.

          link to this | view in chronology ]

    • identicon
      Anonymous Coward, 30 Jul 2011 @ 7:28pm

      Re:

      VPN

      link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.