Korea Credit Bureau (KCB), a credit rating company, has been stolen 105.8 million accounts that included credit card details, full name, telephones, home addresses and even passport numbers. Each Korean has an average of 5 credit cards (highest in the world!) which would mean that at least 21 million of Korean citizens have seen how all their personal details have been stolen. For a country with less that 50 million inhabitants, this means that a 42% has been a victim, although the real figure has to be way higher as not every victim will have had all his credit cards compromised. Probably at this point it would be easier to ask in South Korea who has not been a victim in this single data theft incident.
Unlike the Target incident we related in this blog, this time no malware was used in order to access the data. The thief worked for KCB –ironically enough, in the anti-fraud department- and during 11 months he just copied all the information and sold the data. If the data had been properly encrypted the data theft damage would have been limited, although it looks like this was not the case. Being able to steal information during 11 months also points to a lack of data access control and supervision.
There are also some preventive measures that could have been taken: it is true that the person involved in this incident was part of the anti-fraud department, and as such it is likely that he had access to the stolen data. What could have been done? Well, as stated earlier, data encryption can help here, although it is true that at some point this person could have had information to decrypt it. Limiting the amount of information that can be accessed to might also help against such big data thefts: if you can only access a limited number of data base entries at a time -let’s say 10- this person would have needed to repeat the same operation 10 million times. Not only that, you can also limit the amount of information read during a period of time, or even better, set some alarms linked to some complex rules that send a warning when something unusual is going on. This is something that most banks have already in place and helps them to detect fraud and identity theft cases.
On a separate case, in Germany, the Federal Office for Information Security (BSI) has warned that email accounts belonging to 16 million people have been compromised. It looks like this time a botnet was behind the attack, which means that probably computers belonging to users whose email accounts have been compromised could as well be part of a botnet controlled by cybercriminals.
BSI has created a website to find out if a particular email account is among the victims. If you are among those affected, there are high chances that your computer is infected with some malware, so feel free to use our Panda Cloud Cleaner free tool to scan and remove any malware lying around.