The Korea Herald reports that a 31-year-old man surnamed Seo was recently arrested for purchasing the account information of 25 million users of the South Korean Web portal Naver in August of 2013 (h/t Softpedia).
Seo allegedly used the data, which included names, residential numbers, user names and passwords, to access Naver accounts and send spam messages and "other illicit e-mails," from which he earned approximately 160 million Won (about $150,000).
An alleged accomplice surnamed Hong was also arrested -- Hong allegedly developed software that automatically logged into Naver to extract information.
Three other alleged accomplices have also been charged, though they haven't been detained.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
A Naver official told the Korea Herald that it wasn't possible to prevent such attacks, and that the best preventative measure for users to take in response would be to change their passwords on a regular basis.