Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Wednesday, 22 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

South Korean financial executives resign after breach

by The Gurus
January 20, 2014
in Editor's News
Share on FacebookShare on Twitter

Senior executives at South Korean banks and credit card firms have resigned following a breach which may affect up to 20 million people.
 
In this case, an employee from personal credit ratings firm Korea Credit Bureau (KCB) was arrested and accused of stealing data from the customers of three credit card firms while working for them as a temporary consultant.
 
According to the South China Morning Post, the stolen data included customer names, social security numbers, phone numbers, credit card numbers and expiry dates. The information was taken from the internal servers of KB Kookmin Card, Lotte Card and NH Nonghyup Card and was sold to phone marketing companies, whose managers were also arrested earlier this month.
 
Now the Yonhap news agency has reported that some senior executives tendered their resignations as a result of the breach, and came after the country’s financial regulator warned of stern punitive measures against financial institutions and their chiefs if the latest leak turned out to be a result of their management failure.
 
The management of KB Financial offered their resignation en masse to take responsibility for the incident, while the chief of Nonghyup’s credit card business division also tendered his resignation.
 
Gov. Choi Soo-hyun of the FSS was quoted as saying in a meeting with his staff: “We will hold them fully responsible for the data leak if their sharing of client data among affiliates and lax internal control turn out to be the cause.”
 
Yonhap also reported that there had been more than 150,000 applications received for the three card firms as of midday today, after some cardholders reported a series of unauthorised credit card charges and claimed that they are from the data leak.
 
Matt Middleton-Leal, regional director for UK & Ireland at CyberArk, said: “The sheer scale of this data breach is extremely alarming, with as many as 20 million people affected by the alleged incident.
 
“In the case of the alleged breach in South Korea, the fact that the individual was reportedly able to access and then sell on vast quantities of customer information is very worrying. It should not be the case that an employee – and in this case a temporary consultant – is able to access and then download sensitive data without this suspicious activity being flagged up. It is essential for organisations to have a system in place that is capable of managing, monitoring and controlling all privileged access and activity, with the option to terminate a malicious session if necessary.
 
“While it would seem that this case is a classic example of the ‘insider threat’ – that is, the malicious abuse of privileged access – the threat from within can also include the accidental misuse of privileged access, or the abuse of these accounts by cyber attackers, who immediately seek out these credentials once inside a corporate network in order to steal information or imbed malware in a system.”

FacebookTweetLinkedIn
Tags: data breach
ShareTweetShare
Previous Post

Securing our digital tomorrow

Next Post

Android vulnerability enables VPN bypass

Recent News

Ferrari Data Breach: The Industry has its say

Ferrari Data Breach: The Industry has its say

March 22, 2023
security

What Is Observability, And Why Is It Crucial To Your Business?

March 21, 2023
Organisational Cybersecurity.jpg

How Emerging Trends in Virtual Reality Impact Cybersecurity

March 21, 2023
Nominations are Open for 2023’s European Cybersecurity Blogger Awards

Nominations are Open for 2023’s European Cybersecurity Blogger Awards

March 20, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information