The credit card information of 20 million South Koreans has been leaked, state regulators reported on January 19. In a country of 50 million, this marks one of the country’s most devastating security breaches ever. The perpetrator? Allegedly, a single engineer.
An employee of Korea Credit Bureau has been arrested for stealing the names, social security numbers, phone numbers, and credit card information of 20 million cardholders. Agence France-Presse reports that the employee then sold the data to multiple phone marketing companies, the managers of which have also been arrested.
None of the data have circulated, but all 27 top executives from KB Financial Group, one of the affected credit card companies, have offered to resign, according to the Wall Street Journal.
The breach comes only a month after a Citibank Korea employee stole the personal data of 34,000 customers. The string of malicious employee breaches isn’t a new trend: In a 2008 study by Compuware, IT professionals estimated that over 25% of data leaks were of that nature.