An additional personal data leak was detected at two major foreign banks here, and this time, the stolen information was circulated and led to actual financial damages, according to financial authorities.
The Financial Supervisory Service said Thursday that the data of some 50,000 clients were stolen from Citibank Korea and Standard Chartered Bank Korea late last year.
Together with the 130,000 cases confirmed leaked earlier, a combined 190,000 clients’ personal information were stolen from the two banks.
Authorities said that the leak did not include critical information such as credit card numbers or passwords, but worries grew nevertheless as the police announced Wednesday that several Citibank clients had been scammed by a voice phishing ring.
Voice phishing is a rampant scheme that threatens or coaxes individuals into revealing information that allows scammers access to their financial accounts.
Data on some 2,000 customers from Citibank Korea, including financial transaction records, were used by the ring, according to the police.
Citibank pledged to fully compensate for the damages inflicted by the information leak.
In January, the FSS revealed that some 20 million clients’ personal data had been leaked from three credit card firms ― KB Kookmin, NH Nonghyup and Lotte ― as well as Kookmin Bank, which shared customer data with its affiliated card firm.
The regulator suspended the three card firms for three months as punishment for the data breach, the first punitive measure of its kind in 10 years.
Following the leak, the regulator and related government agencies have been working to prevent the recurrence of such a massive breach.
The regulator also has threatened firms and their managers with stern punishment, including fines equivalent to 3 percent of annual sales with no ceiling.
By Bae Hyun-jung and news reports
(
tellme@heraldcorp.com)