Lotte Card Co., South Korea’s fifth-largest card issuer, confirmed on Thursday that the personal data of roughly 3 million customers was compromised in a hacking incident last month.
While no improper use has yet been reported, the company admitted that the breach exposed highly sensitive information.
According to Lotte Card, around 200 gigabytes of data were leaked, including personal identification numbers, internal IDs, and connection records. More critically, card verification codes, card numbers, and expiration dates of approximately 280,000 customers were stolen, raising fears of potential credit card fraud.
Lotte Card CEO Cho Jwa-jin issued a public apology and pledged full compensation for any damages resulting from the misuse of the leaked data. He clarified that the breach stemmed from data generated during online settlement processes between July 22 and August 27. Cho stressed that additional authentication requirements would make it difficult for attackers to use the stolen data for online or offline transactions.
The cyberattack adds to growing concerns in South Korea’s financial sector, which has seen a string of large-scale breaches. Earlier this year, Seoul Guarantee Insurance also suffered a hacking incident.
Meanwhile, the Financial Supervisory Service has been urging financial institutions to tighten security. The Ministry of Science and ICT has also launched an investigation into attempts by the hacking group Scattered Lapsus$ to sell personal data allegedly stolen from SK Telecom for $10,000. In addition, KT Corp. recently reported 278 cases of unauthorized mobile payments worth ₩170 million ($122,000), sparking fears of another possible data leak.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
