Skip to main content

Hacker cracks open over half of South Korea's bank accounts in massive data breach

A hacker has stolen the private data of over half of the population of South Korea in a series of major cyber-attacks.

According to The Korea Joongang Daily, a 24-year old hacker known only by the surname "Kim" broke into 220 million data records using a cache of login credentials.

At the moment reports are muddled, but it seems the breach affected between 27 million and 220 million people (Update 15:17 BST: ITProPortal has confirmed that the figure is 27 million people.) It is believed that the youngest victim was just 15 years old, while the oldest was 65.

Cash-hungry Kim reportedly gained these login details in 2011 by a Chinese hacker he made friends with through an online game forum.

Over the years, Kim used the information to hack into several online services, such as websites selling ringtones and cinema tickets.

Read more: Hacker exposes passenger air planes to cyber attack through Wi-Fi signals

He then extracted personal information records from these sites, including bank details, which he sold on to mortgage fraudsters and illegal gamblers for the paltry sum of 20p each.

That doesn't sound like much, but when you consider that Kim scooped up the equivalent of £235,000 in profit, the scale of his victims becomes clear.

Kim eventually gave a cut to his Chinese connection, and another 15 people have been arrested in the police investigation. However, police are currently hunting another seven suspects.

Most worryingly, some of the compromised data records could still be circulating around criminal gangs. According to the Korea Joongang Daily, the authorities have also launched an investigation into tracking down these compromised details.