NewKerala.com

Key Points

A significant data breach at Lotte Card has exposed personal information of nearly 3 million customers, raising serious cybersecurity concerns. The leaked data includes sensitive details like identification numbers and card verification codes, potentially putting customers at risk of fraud. Lotte Card's CEO Cho Jwa-jin has publicly apologized and committed to compensating any customers who suffer damages. This incident highlights the growing challenges of digital security in the financial sector.

Key Points: Lotte Card 3 Million Customer Data Breach Exposed

  • 200 gigabytes of personal customer data compromised
  • 280,000 customers' critical card details exposed
  • CEO promises full compensation for potential damages
  • Breach occurred between July 22 and August 27
2 min read

Data of nearly 3 million Lotte Card customers leaked

Major South Korean financial firm Lotte Card reveals massive data leak affecting 3 million customers, potential fraud risks highlighted

"Leaked data was created in online settlement process - Cho Jwa-jin, Lotte Card CEO"

Seoul, Sep 18

Lotte Card Co., the country's fifth-largest card issuer, said on Thursday that personal data of some 3 million customers has been leaked in a hacking incident last month, but there has yet to be any report of improper use.

Lotte Card said the leaked data, estimated at 200 gigabytes, included identification numbers, internal identification numbers and connecting information.

The leaked data also included card verification codes, card numbers and card validity period of some 280,000 customers, critical information that may expose their owners to credit card fraud, according to the company, reports Yonhap news agency.

Lotte Card CEO Cho Jwa-jin issued a public apology and announced response measures, including full compensation for any reported damage caused by improper use of stolen data.

"Leaked data was created in the online settlement process via online servers between July 22 and August 27," Cho said.

The CEO stressed that leaked data cannot be improperly used for offline settlements. "Additional identification processes are necessary for online settlements, so improper card uses are difficult with only breached data."

Earlier this month, Lotte Card, with some 9.6 million members, disclosed a cyber breach. Since then, the financial watchdog and the card company have been struggling to gauge the damage caused by the hacking.

Lotte Card's data breach is the latest in a series of massive cyber breach cases in the financial sector. Earlier, Seoul Guarantee Insurance had suffered a similar hacking incident.

Lotte Card's cybersecurity lapse also came as Financial Supervisory Service Gov. Lee Chan-jin has been calling on financial firms to beef up their cybersecurity and better safeguard customers.

Meanwhile, the science ministry here has launched an official probe into a purported attempt to sell personal data allegedly leaked from South Korea's top mobile carrier SK Telecom Co.

The move came after a global hacking group, Scattered Lapsus$, posted on its Telegram channel that it would sell SK Telecom's client data for US$10,000, adding that 42 South Koreans had already made contact.

The government also recently launched a probe against No. 2 mobile carrier KT Corp., which reported a total of 278 cases of unauthorized mobile payments worth 170 million won ($122,000), raising concerns over a possible leak of customer data.

- IANS

Share this article:

Reader Comments

R
Rohit P
3 million customers affected! That's massive. They should be held accountable with serious penalties, not just apologies. This keeps happening because consequences aren't severe enough.
A
Aditya G
At least they're offering full compensation for damages. Many Indian companies wouldn't even acknowledge such breaches. Still, prevention is better than compensation.
S
Sarah B
This is a wake-up call for all financial institutions globally. Cybersecurity should be the top priority, not an afterthought. Regular audits and updates are non-negotiable.
K
Karthik V
The fact that this happened over a month and they're only now disclosing it properly is concerning. Transparency should be immediate when customer data is compromised.
M
Michael C
This is why I prefer using UPI and other Indian payment systems that have better security layers. International card companies need to step up their game significantly.

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Leave a Comment

Minimum 50 characters 0/50