The Financial Supervisory Service has punished credit finance lender IBK Capital for leaking private information of its customers, FSS officials said Tuesday.

The state financial regulator said it issued a 6 million won ($5,500) fine and individual cautions to two executives and three employees of the capital firm.

The five are held responsible for exposing names and contact numbers of some 5,700 customers without consent in 2012, the FSS said. About 700 of these customers had their credit rating information stolen as well.

The FSS also issued an institutional warning to the company. Receiving three institutional cautions in one year results in an institutional warning, which is a higher level of penalty.

While recent financial security leaks revolve much around hacking of financial institutions’ database, the traditional method ― insiders leaking and appropriating customer information ― is still dominant, security experts said.

“More than half of the leaks in customers’ private information are in fact done by insiders,” an engineer of the nation’s top-notch information technology security firm said, under the condition of anonymity.

Aside from secondary lending institutions like IBK Capital, the country’s top-ranked banks have faced public allegations of appropriating customers’ private information ― including the certificate of information usage authorization and the private information of borrowers’ families ― for business purposes.

By Chung Joo-won (joowonc@heraldcorp.com)