Jan 21, 2014

Bank Firms face stiff fines over leak

Regulatory authorities are considering fining all financial firms that had customer privacy breached in the recent mass data leak after reviewing similar cases in the United States, the Finance Ministry said Tuesday.

The ministry, in collaboration with financial supervisors and the Ministry of Justice, will unveil comprehensive punitive and preventative measures on Wednesday in the wake of the recent financial scandal involving the leaking of private information of up to 15 million Koreans.

The countermeasures will include imposing monetary penalties on all financial companies involved in any kind of data breach, ranging from banks and credit card issuers to insurance firms and stock brokerages, according to the Financial Supervisory Service.

Under current regulatory rules, the FSS is entitled to issue a warning or caution on firms or their chief executives in cases of leaked consumer data.

“The rule revision will be promoted in consultation with the Ministry of Justice and the Ministry of Security and Public Administration,” said an FSS official.

Among the key measures will be deleting information immediately when a consumer scraps a contract with a credit card company.

The three credit card firms linked to the data breach ― KB Kookmin, NongHyup and Lotte ― also pledged to provide “complete compensation” for any financial losses caused by the leak.

But customers continued Tuesday to line up to cancel or change credit cards at their banks, as they fear that stolen data could be used for fraud.

Some 600,000 credit card holders either canceled or signed up for new cards in the aftermath of the massive data leak.

NongHyup Card reported that some 330,800 customers had registered for new cards as of midday Tuesday, while KB Kookmin Card and Lotte Card said some 156,000 and 51,200 customers also respectively applied for new cards. But the firms declined to reveal the number of cancellations.

A 31-year-old self-employed businesswoman said that she recently received a call from a prosecutor.

“He (a man who claimed to be a prosecutor) said that my NongHyup card data had been leaked and requires a security upgrade as protection against phishing schemes.”

She did not realize the phone call was actually a scam until she gave out all her card numbers and passwords using the Web link sent on her mobile phone.

Personal data, including bank account numbers, phone numbers, home and office addresses and also credit card numbers ― as many as 104 million pieces of information were leaked in the latest breach.