Authorities have uncovered yet another massive data breach, South Korea appears to have a breach that has impacted over 27 million Korean citizens, roughly 70 percent of the nation’s total population.
Authorities with the South Jeolla Provincial Police Agency announced last week that a 24 year-old named ‘Kim’, and 15 others connected in a breach were apprehended.
Officials have said that the 16 individuals are alleged to have illegally circulated information regarding millions of South Koreans between the ages of 15 and 65.
Authorities claim that Kim acquired the 220 million records in total from a Chinese hacker he met back in 2011. The hacker is alleged to have stolen it from online registrations pertaining to online games, movie ticketing and ringtone download sites.
The information obtained contained citizens names, resident registration numbers, account names and passwords.
In the English version of the Seoul-based daily newspaper, the Korea JoongAng Daily, Kim earned nearly ₩400 million won (roughly $394,500) by hacking into six online video games utilizing the stolen information. Kim was said the have given the Chinese hacker who initially hijacking the credentials $130,000 cut from his earnings.
Police continue to claim that Kim went on to sell the obtained information to “mortgage fraud swindlers” and “illegal gambling advertisers” for 10 to 300 won, or one cent to thirty cents. The swindlers and advertisers from there duped hundreds of South Koreans between September of 2012 and November of 2013.
Officials say they are continuously investigating the incident and are in the midst of pursuing seven other suspects believed to be involved.
In 2011, South Korea’s largest Internet and Mobile service provider was hit with a data breach that compromised 35 million users records. Names, email addresses, and other sensitive data were leaked when SK Telecom’s Cyworld was breached from IP addresses ranging in China.
Earlier this year the KT Corp telecommunication company leaked personal information regarding 12 million citizens. The breach persisted for over a year without begin detected and let cybercriminals siphon off 300,000 records per day.