Olleh KT homepage was hacked this February, so 1.2 million among 1.6 million customers personal information was leaked. That is not the first time for the company. KT experienced one leaked incident in 2012.
In addition, similar cases happened at other companies before. The 3 main card companies(KB, Lotte, NongHyup) also leaked customers¡¯ information early in 2014. These leaks started from June, 2013. A staff member in KCB(Korea Credit Bureau) was dispatched to card companies. Then, he gave 3 main card companies¡¯ customer information to advertising agents and loan collecting people. However, the card companies didn¡¯t recognize that for 7 months, but they knew after the prosecution¡¯s announcement in January, 2014. One in every two Koreans suffered from leaked personal information. As a result, the companies have been forced to close from February 17th to May 16th of this year.
People are infuriated with the sequence of the leaking problem. Even recently, one man in his 40s, who insisted that he was damaged because of it, tried to set fire to a Nonghyup branch in Uichanggu, Changwonsi. Kim So-hyeun(School of Business), who had those 3 cards, said, ¡°Now, they are saying they will do their best when the problems happen, but if the accidents occur, they will wash their hands of that matter. Recently, I have received frequent phone calls from unknown people. ¡±
The Financial Holding Companies Act caused this incident. Clause 48 in the Financial Holding Companies Act proposes that financial groups can share their customer information among them. The private information security law has a lot of problems. At present, there are several departments which manage the laws related to private information security, so it is too complicated to deal with the law. Even punishment standards are different in the laws. For example, the Information Network Law specifies that if companies leak private information, they will get punished. However, this is not written in the Credit Information Law. In other words, not only security of private information loose in Korea, but it is also loose in the punishment of leaking incidents.
The National Assembly wanted to make up for this fault, so they passed the private Information Security Law amendment, which specifies unification of private information security management and encipherment of private information. However, people have bad opinions about that. The main negative point is that it is unnecessary to encipher private information which was already leaked. Maybe making new private information for people is more effective.
Chang Yeo-kyung, who participates in a network for the protection of private information, ¡®Progress Network¡¯, said, ¡°The fundamental cause of leaks is the use of resident registration numbers in civilian departments. In 2004, in spite of the counterproposal from human rights groups, the law that forces to input of resident registration numbers when someone writes something on internet bulletin boards was made. Later, the main internet services collected resident registration numbers. That¡¯s how the collected numbers are leaked in many ways. And about the revised bill in the National Assembly, the numbers that can be used anywhere, like resident registration numbers, should be abolished. To avoid this situation, the possible use of the resident registration numbers should be limited only in resident services, especially all the resident registrations which were already leaked.¡±
Korea has never solved such a case properly. In addition, in the case of leaks by hackers of Auction or Nate, the authority of criminal investigations in Korea has never arrested hackers overseas, so the compensation of civil cases wasn't possible. The cause of leaks by people on the inside needs to be proved by victims personally. Also, the government doesn¡¯t ever change resident registration numbers of the victims. For that reason, the victim has no choice but to receive damage without any compensation. The people think a proper reform of the law about the privacy policy is essential to prevent this situation from happening again.
By Lee Da-yeon
dy34@cbnu.ac.kr