220 million records stolen, 16 arrested in massive South Korean data breach

library
crime | hacking | security

South Korean authorities have revealed a massive data breach that has affected well over half of the country’s 50 million citizens.

A group of hackers successfully compromised 220 million records containing personally identifiable information on 27 million people aged 15 to 65.

The breach came to light after 16 people were arrested following the theft of data from a number of online game and movie ticket sites.

The stolen records include real names, account names, passwords and resident registration numbers.

One of the 16 people detained, known simply as “Kim”, is said by police to have obtained all 220 million records from a Chinese hacker he met through an online game in 2011.

Local authorities believe Kim then automatically logged in to the compromised online gaming accounts and stole game currency. He then allegedly exchanged that currency for real cash.

Police think that Kim hacked into a total of 6 online games in South Korea from which he allegedly stole 400 million Won ($393,000/£237,000). He is said to have given 130 million Won to his Chinese accomplice and kept the rest for himself.

Authorities also suspect Kim of selling personal information on to other third parties.

He is believed to have exchanged personal records with mortgage fraudsters for as little as 10 Won a pop, as well as with illegal gambling advertisers at 300 Won each.

With hundreds of people falling prey to a variety of swindlers, the total cost of those secondary damages has been estimated at 2 billion Won ($1.965m/£1.185m), according to police.

Despite the size of the breach, it is not the largest to have rocked South Korea.

In 2011 hackers broke into the Nate and Cyworld websites before walking out with the names, email addresses, phone numbers and resident registration numbers of 35 million users.

Additionally, regulators fined three credit card companies and took away their card-issuing rights in February after 20 million residents had their data stolen by an IT contractor.

Then, in March, the government announced it was investigating another breach which had led to the compromise of 12 million names, resident registration numbers and bank account details from telecom company KT Corp.

This recent operation has only just come to light but is thought to have run between September 2012 and November 2013.

The other 15 suspects were arrested over allegations that they illegally circulated the stolen information. Police are still searching for seven other suspects, including the hacker who allegedly gave Kim access to the millions of records.