Lotte Card Data Breach Exposes 3 Million Customers' Sensitive Info
Lotte Card, a prominent South Korean credit card company, has experienced a substantial data breach, exposing sensitive information of approximately 3 million customers. The incident, which remained undetected for nearly two weeks, has sparked debate over the company's cybersecurity measures and investments.
The breach occurred due to an unpatched vulnerability in a payments server that had been present since 2017. Despite this, only 56% of the leaked files were encrypted, leaving a significant amount of data exposed. This includes personal identification numbers, contact information, and sensitive financial details such as card numbers and verification codes of thousands of customers.
Lotte Card has initiated the process of notifying at-risk customers and suspending or reissuing cards, with no unauthorized transactions detected yet. The company's CEO has apologized and pledged full compensation, promising to reform the company's security and management framework. The ruling People Power Party plans to summon MBK's chairperson for a parliamentary audit over the breach.
The incident has raised questions about whether MBK Partners, Lotte Card's majority owner, had neglected cybersecurity investment. While MBK rejected the criticism, stating it had invested about 600 billion won ($430 million) in IT and security over the past six years, Lotte Group, the majority shareholder since 2019, has invested approximately 1 trillion KRW in information technology, including security, over the same period. South Korea's Personal Information Protection Commission is currently investigating the cyberattack.
Read also:
- Industrial robots in China are being installed at a faster rate than in both the United States and the European Union, as the global market for these robots faces a downturn.
- NATO's Massive Naval Drill Shows Unity Against Russian Aggression
- Undeads Games Reaches $30 Million TVL and Gears Up for MMORPG Debut
- Hyundai N affirms transition to hybrid performance-centric models, initiating with Tucson N
