Two men have been arrested in South Korea for allegedly leaking the information of almost nine million of the nation’s mobile phone users, including details of the users’ monthly plans, according to a report issued by the Korea National Police Agency’s (KNPA) Cyber Terror Response Center (CTRC) over the weekend.
Approximately 8.7 million mobile subscribers of KT Corporation, South Korea’s second largest telecommunications company, based outside of Seoul, are at risk in the case.
While a 40-year-old suspect known only by his family name, Choi, and another suspect were apprehended, seven other suspects were also arrested after buying the leaked data for a telemarketing scam, according to a report from the Yonhap News Agency. The suspects allegedly earned 1 billion won ($877,000) through the hack, which took seven years to develop.
Police report the information was used by scammers to convince customers whose contracts were nearing their expiration date to change plans.
KT Corp. claims it has “restored the leaked personal information and taken necessary steps to prevent further leakage,” according to the Yonhap story.
“In light of this incident, we will strengthen the internal security system and raise awareness of security among all employees to prevent causing inconvenience to customers,” reads one part of the statement released by the telecommunications company.
On July 13, KT Corp. requested police look into a potential leak after noticing “suspicious activities through internal monitoring” according to a Bloomberg News report today.
Following the hack, the company faced its worst drop of the year on the Korea Exchange, a decline of three percent, yet recently announced it expects sales would grow to 4 trillion won ($3.5 billion) by 2015.
A much more substantial data breach struck South Korea a year ago. SK Telecom, another one of the nation’s top telecommunications firms had its Cyworld blogging platform hacked, compromising the information of up to 35 million users.