South Korean police have arrested two people accused of stealing personal information on 8.7 million KT customers.
"According to the provider, [the] data included user names, telephone numbers, and resident registration numbers," writes The Verge's Amar Toor. "Police are also investigating seven other suspects accused of selling this information to telemarketers, as part of an operation that began in February."
"The attack, described as one of the country's largest hacking schemes, is estimated to be valued at six figures: police said the two made about 1 billion won ($878,000) by selling the information to telemarketing companies," writes ZDNet's Emil Protalinski. "Those firms in turn used the details to contact customers (especially those whose contracts were close to expiration or considered likely to change phone plans), soliciting them to switch to other mobile operators."
"At this stage, there is no suggestion that the compromised data was used for any more malicious deeds, but the scale of the operation is a wake-up call to operators and other companies in the country," writes The Next Web's Jon Russell. "KT is said to have contacted police on July 13 when it found evidence suggesting information had leaked out via unauthorised sources, but both sides waited until the arrests had been made before going public."
"KT has apologised for the data breach, saying it has taken steps to prevent further leakage," writes Computer Weekly's Warwick Ashford. "'In light of this incident, we will strengthen the internal security system and raise awareness of security among all employees to prevent causing inconvenience to customers,' the company said."