S.Korea to probe huge online data leak

[Jake Kouns <jkouns () opensecurityfoundation org>]

http://www.google.com/hostednews/afp/article/ALeqM5gU4DwmPkiau1V6GE0blDIG8H6DTA

SEOUL — South Korea said Friday it would launch a probe into security
systems of major retailer Shinsegae and 24 other companies after
private data on some 20 million customers was leaked.

The move came a day after police arrested three South Koreans for
selling private information, including IDs, passwords and addresses,
of more than 20 million compatriots online.

The three suspects bought the data from Chinese hackers who are still
at large, police said. The Ministry of Public Administration and
Security said in a statement that government agencies and police would
investigate the 25 companies, to see whether they had protected the
private data of customers with security codes.

The incident appears to be the country's worst case of personal data
leakage. In 2008 private information on some 10 million customers was
leaked through hacking attacks on Internet Auction, now eBay's South
Korea unit.

Shinsegae issued a statement of apology after data on 3.3 million of
its customers was leaked from its online shopping mall.
It said none of its customers had reported any damage from the latest case.

South Korean prosecutors have indicted 39 people for uploading illegal
copies of films and broadcast material on to local websites, officials
said Thursday.
This was the largest indictment since the government launched a
crackdown on digital piracy last September.

The culture ministry said the 39 included "heavy uploaders" accused of
receiving money from Internet service providers in return for posting
more than 1,000 files on local peer-to-peer sites.

It promised to step up the crackdown by operating a 24-hour monitoring
system to track down illegal on-line trading.
South Korea, one of the world's most wired countries, has been under
pressure to strengthen rules protecting intellectual property rights.
Official data showed digital theft caused an annual loss of more than
two trillion won (1.29 billion dollars) with almost 20,000 files of
copyrighted content circulating illegally last year.

Last month the chiefs of four leading local Internet service providers
were sentenced to one year in prison and a 30-million-won fine for
facilitating illegal distribution of copyrighted content.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php