Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Security Crime The Almighty Buck

20 Million People Exposed In Massive South Korea Data Leak 53

Posted by timothy from the at-least-everyone's-using-msie dept.
wiredmikey writes "While the recent data breach that hit Target has dominated headlines lately, another massive data breach was disclosed this week that affected at least 20 million people in South Korea. According to regulators, the personal data including names, social security numbers, phone numbers, credit card numbers and expiration dates of at least 20 million bank and credit card users was taken by a temporary consultant working at the Korea Credit Bureau (KCB). The consultant later sold the data to phone marketing companies, but has since been arrested along with mangers at the companies he sold the stolen data to. A similar insider-attack occurred at Vodafone late last year when a contractor made off with the personal data of two million customers from a server located in Germany. According to a study from PwC, organizations have made little progress developing defenses against both internal and external attackers, and insiders pose just as great a security risk to organizations as outside attackers."
This discussion has been archived. No new comments can be posted.

20 Million People Exposed In Massive South Korea Data Leak More

20 Million People Exposed In Massive South Korea Data Leak

Comments Filter:

  • So how do you defend against this? (Score:2, Insightful)

    by Anonymous Coward on Sunday January 19, 2014 @03:28PM (#46006883)

    The data at some stage will be unencrypted or there will be some developer or admin who knows how to unencrypt it.

    It doesn't matter if you pay your staff well - people can still be blackmailed / need money to pay of debts.

  • No surprise (Score:5, Insightful)

    by Mashiki ( 184564 ) <mashiki&gmail,com> on Sunday January 19, 2014 @03:41PM (#46006965) Homepage

    After all S.Korea uses an activeX plugin for all their security needs...massive single point of failure and all that.

  • Re:So how do you defend against this? (Score:5, Insightful)

    by ShanghaiBill ( 739463 ) on Sunday January 19, 2014 @03:43PM (#46006981)

    We need to get rid of the idiotic idea that quasi-public information like SSNs and CC numbers are "secret". Nobody should be able to impersonate you by knowing your SSN, anymore than they can by knowing your name. Likewise, we should get rid of mag-stripe CCs, and switch to a more secure system like much of the rest of the world already has. These data breaches are just a symptom of a deeper problem: No sane system should require that the same information be both secret and widely known.

  • Re:Eventually (Score:4, Insightful)

    by rubycodez ( 864176 ) on Sunday January 19, 2014 @04:01PM (#46007125)

    nonsense, this is result of very poor security and no obscurity, using credit card number or ss # is silliness. Transactions with private keys and verification are the way to do things, this is a solved problem that the governments and credit card companies are not using.

Slashdot Top Deals

On the eighth day, God created FORTRAN.

Close