 |
Photo = Yonhap news |
[Alpha Biz= Paul Lee] Two Korean general agencies (GAs) specializing in insurance sales were recently targeted in cyberattacks, resulting in the leak of personal information belonging to over 1,000 customers and employees, according to a statement by the Financial Supervisory Service (FSS) on May 20.
The breach was initially discovered when South Korea’s National Intelligence Service detected signs on the dark web that an unknown hacker intended to leak stolen personal data from the GAs. Following the alert, the Financial Security Institute investigated the GAs and their supporting IT service providers.
The investigation revealed that a developer at the IT service provider had unknowingly infected their PC by clicking on a malicious link while using a foreign image-sharing website. This led to the compromise of sensitive systems used by the GAs.
At Youfirst Insurance Marketing, a major GA, the stolen data included:
Personal details (names, resident registration numbers, phone numbers) of 349 customers
Names and phone numbers of 559 employees and insurance agents
For 128 customers, credit information such as insurance product types, policy numbers, and premiums was also exposed
At Hana Financial Find, another GA, 199 customers’ personal information was leaked. However, there was no exposure of financial or contract-related data in that case.
The FSS has directed the affected companies to promptly notify all impacted individuals and has asked insurers to ensure that the leaked data is not used for unauthorized actions such as policy loans, early withdrawals, cancellations, or modifications.
The FSS also stated that it would conduct on-site inspections of the affected GAs and take any necessary regulatory action in response to the data breach.
Alphabiz Reporter Paul Lee(hoondork1977@alphabiz.co.kr)
