Police said Tuesday they have launched an investigation into the hacking of a widely-used online payment service operated by two major South Korean credit card firms.
The so-called Internet Secure Payment (ISP) is a password-encrypted service used when making credit card payments online of less than 300,000 won ($276). The system is managed by KB Kookmin Card Co. and BC Card Co.
The investigation comes after 199 cardholders who use the service had their accounts hacked, which resulted in losses estimated at around 180 million won, officials said.
The National Police Agency (NPA) said authentication certificates stored in the victims' computers are believed to have been leaked.
"We are weighing the possibility of PCs (personal computers) being hacked rather than the system itself being under a hacking attack," a police officer handling cyber-terrorism at the NPA said.
"At the moment, this hacking is believed to be similar to an ISP hacking incident that occurred in 2007," he said.
Police said they are not ruling out that there may be more victims of similar attacks as the total number of the two firms' clients is almost 60 million.
The two credit card firms said they have reached the conclusion that the system itself is not defective.
"We presume that the consumers were hacked when playing online games, which eventually led to the leakage of ISP passwords," BC Card said.
"We have information that there are not that many victims as they have requested the probe early," KB Kookmin Card said.
Concerns about online security breaches were heightened earlier this year due to a series of hacking attacks on local financial firms and a popular Internet portal. (Yonhap News)