Executives at three credit card companies bowed in apology before the South Korean public on Monday after a man hired by a credit ratings firm stole client data from as many as 20 million people, 40 percent of the nation’s population, the New York Times reported.
At a news conference, the executives promised compensation to customers for any financial losses due to the data heist.
Earlier this month, authorities arrested a 39-year-old technician working for Korea Credit Bureau, a ratings firm the credit card companies had hired to improve how they protect client data. The man is identified by his last name only, Park, and he is accused transferring personal information from 104 million credit cards issued by KB Financial Group, the NongHyup Financial Group and Lotte Card onto a USB device. The personal information included names, phone numbers, South Korean social security numbers, email addresses, residential addresses, salaries, monthly card use and other credit-rating information, according to a statement by the Financial Supervisory Service. The theft took place from May 2012 to December 2013.
Two managers at phone marketing companie have been accused of buying the stolen data from Park, but prosecutors said they found no evidence the data traveled any further, the New York Times reported.
Lawyers and civic groups were planning lawsuits against the credit card companies on Monday. The banks' call centers and websites have been fielding customer inquiries about the data breach.
On Monday, Prime Minister Chung Hong-won ordered the government to inrease punishment for those responsible.