South Korea has suffered its second major data breach in three months, with a telecommunications company KT Corporation affected by the loss of 12 million customer records.
According to the Register, the South Korean Government has launched an inquiry into the breach. Despite two hackers and the CEO of a telemarketing firm being arrested last week on suspicion of infiltrating the telco giant’s servers and stealing the data, the South Korean telecoms ministry has now launched a probe, apparently ordering KT to inform customers about what happened and to allow them to check if they’ve been affected on a special website.
The story claimed that the data theft apparently went undetected by KT for an entire year with the suspects allegedly snatching up to 300,000 records in a single day. The nabbed details included names, registration numbers and bank account info.
Michael Sutton, VP of security research at Zscaler, said: “The fact that the breach at KT Corporation went undetected for a year is indicative of a disturbing trend. Even in the case of the Target and Neiman Marcus breaches, the breaches went undetected for 18 and 106 days respectively. Enterprises continue to focus almost exclusively on preventive controls and ignore detective controls.
“The unfortunate reality of the current cyber landscape is that infections and breaches will occur. Controls must be in place to quickly identity such scenarios and mitigate the damage. Massive files containing sensitive data such as credit card numbers and personally identifiable information should not be able to be exfiltrated from a corporate network without triggering a number of red flags.”
Back in January, senior executives from bank and credit card firms resigned after 20 million records from the internal servers of KB Kookmin Card, Lotte Card and NH Nonghyup Card were stolen. The data included bank account numbers, addresses and credit ratings and part of the leak occurred at local banks that shared their customer data with the affiliated credit card firms.
In December, personal data of some 130,000 customers of Standard Chartered Bank Korea and Citibank Korea was also stolen, the largest number in the history of the banking sector in South Korea.
TK Keanini, CTO of Lancope, said: “To be fair, the threat KT faces may be very advanced and, in those cases, traditional defenses are not enough. The sad reality is that these security events will continue until KT up’s their game. KT is not the first to face this type of repetitive breaches as they make an attractive target for many types of adversaries.
“My advice would be this: while you may never defeat your opponents’ methods to infiltrate, you can certainly make it impossible to hide and this is where the investment should be made. The adversary here must carry out multiple steps to accomplish their objective and catching them early in this lifecycle is the only strategy that is feasible at this point. If you can’t stop them from infiltrating, you must stop them before exfiltration of the data.”