South Korean Police Probing Country’s Worst-Ever Cyber Attack
Steve Herman | Seoul July 29, 2011
South Korean authorities and online security analysts say they are assessing the extent of damage caused by what may be the largest data breach in the country’s history.
South Korean police are leading the investigation into a huge cyber-theft, initially traced to China, targeting popular internet and social media sites.
In a statement issued Friday, the South Korea Communications Commission urged the 35 million users of the Nate Internet portal and Cyworld social networking site to change their passwords.
Officials says hackers may have obtained up to 35 million account identities, passwords, social security numbers, e-mail addresses and mobile phone numbers.
SK Communications says it discovered on Tuesday that malicious code was used to hack the Nate portal, which is popular for searching and e-mail and is the third most visited in the country. Cyworld (known as the Korean Facebook) was also breached. It is estimated that slightly more than half of South Korea’s 50 million people have Cyworld accounts.
Shin Hyun-chul, the director of information security at the Korea Information Technology Research Institute in Seoul, says if the stolen data is used for criminal purposes it will cause a social problem. He says he is worried personally that his identity or data also could be used to carry out fraudulent activities that would harm a third party.
This week’s hack is the latest in a string of online attacks against internet sites in South Korea. In April, personal information of more than 400,000 users of the Hyundai Capital web site was accessed.
Immediately after that intrusion, hackers managed to paralyze for days the banking system of the government-supported Nonghyup agricultural cooperative. Authorities blamed the online attack on North Korean hackers.
In recent years the South Korean government has alleged that North Korea is targeting online sites in this country, as well as attempting to remotely infiltrate or paralyze South Korean government, military and institutional computers.
Analysts say it appears, based on initial evidence, the motivation for this latest massive cyber-theft is financial, rather than political.
|Join the GlobalSecurity.org mailing list|