[ISN] Hacked personal data originating from China

From: InfoSec News <alerts_at_private>
Date: Mon, 22 Mar 2010 00:01:37 -0600 (CST)

By Park Sung-woo
JoongAng Daily
March 22, 2010

Have you ever wondered why you get so many unwanted spam text messages 
and e-mails? The answer might be found in China.

A 22-year-old Korean man named Kim is under arrest for purchasing lists 
of Koreans' personal information, such as cell phone numbers and e-mail 
addresses, which had been hacked in China. After spending 1 million won 
($880) for 31 million items of data since July of last year, Kim posted 
an Internet ad and sold off 10 million such items.

A 27-year-old man Lee, who runs a branch for an Internet service 
provider, was one of the buyers. He spent 3 million won for 140,000 
phone numbers for his branch's telemarketing scheme.

The Seoul Metropolitan Police Agency took in Kim and Lee without 
physical detention, and also detained the owners of the companies that 
failed to protect their customer information from computer hackers.

Last September, a used-car trading Web site and the Internet home page 
for a car navigation manufacturer were victims of Chinese hackers who 
stole names and residential registration numbers of 910,000 online 
members. Hackers can use the stolen registration numbers to become 
members of certain Web sites that send spam messages, or sell the 
numbers to other hackers.

Seoul police charged a 32-year-old named Kim, the owner of the used-car 
site, and a 45-year-old named Lee, who runs the navigation maker, for 
negligence in protecting their customers. information.

The law demands that companies protect their online customers. 
information, and violations are punishable by a maximum of two years in 
prison or a 10 million won fine.

"This is the first case in which we applied this particular clause since 
it became effective in September 2008," a police officer explained. 
"Protecting personal information is a legal obligation, not merely a 
recommendation. We will continue to charge companies that leave their 
customer information vulnerable to hacking."

According to police, Chinese hackers have been targeting Web sites of 
Korean department stores and other frequently visited sites. The hackers 
offer the Korean information for sale on the Internet.

Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 
Received on Sun Mar 21 2010 - 23:01:37 PDT

This archive was generated by hypermail 2.2.0 : Sun Mar 21 2010 - 23:16:05 PDT