Go to Contents Go to Navigation

Personal info of online mall users stolen through 'spearfishing' method

All Headlines 14:04 August 31, 2016

SEOUL, Aug. 31 (Yonhap) -- Personal information of more than 10 million people were leaked from the leading online shopping mall Interpark Corp. through the so-called 'spearfishing' hacking attacks in May, officials said Wednesday.

The private information, such as resident registration numbers, phone numbers and addresses, of the mall's 10.3 million customers were leaked through malicious codes, they said.

The investigation was conducted and announced by the Ministry of Science, ICT and Future Planning and the country's telecommunications watchdog, the Korea Communications Commission (KCC).

The hackers impersonated a brother of one of Interpark's staff and sent emails to the employee's personal email with malicious codes to penetrate the company's network, the ministry said.

The hackers then broke into the company's server and stole customer-related information, the officials said.

"Hackers sent bogus emails by faking an email address of an employee's brother," said a KCC official, noting an investigation is still under way into how the hackers first obtained a password for the email.

Earlier, police announced that North Korea was being suspected of being behind the hacking, noting that the Internet Protocol addresses used by the hackers were identical to those used by North Korean hackers in previous cases.

Ministry and KCC officials said their investigation was focused on finding vulnerabilities in the Interpark networks, rather than on identifying the hackers.


Send Feedback
How can we improve?
Thanks for your feedback!