In the last 24 hours, there has been much coverage of a data breach impacting the estimated 35 million users of SK Comms in South Korea. SK Comms is the largest service provider in the region, offering 3 types of service: social networking, mobile phone and instant messaging. The breach affected user accounts of Nate portal and CyWorld, both under SK Comms.
SK Comms Breach
Given the breadth of services offered, SK Comms has been committed to user security, and as such has required higher level of personal information to secure and link user accounts than many other service providers might require. Unfortunately, these very measures are also the same ones that have now impacted users greatly. The stolen info was reported to be user names, email addresses, contact numbers, and some encrypted information that include the users’ blood type.
The online landscape in South Korea is interesting, and gives us an idea of the impact of the breach. The country’s Internet penetration is high and Internet speed is fast enough to sustain mobile banking, i.e. conducting online banking transactions using mobile devices/smartphones. Thus mobile banking is pretty commonplace in South Korea. If users submit the same information and use the same passwords for all their online accounts, it would not take too much creativity to for the hackers to conduct subsequent attacks.
SK Comms issued an advisory to users of the affected sites. In the said post, they have expressed their apologies regarding this incident and gave instructions on what to do in case customers may receive voice phishing and spam mails. More information can be found in http://www.nate.com/nateInfo/noticeInfo.aspx.
Lessons from Data Breaches Past
One practice users should learn is to create different passwords for different online accounts. This lesson has not changed ever since the first big data breach this year and the years before that. Creating different passwords for different accounts will give you an additional layer of security (and peace of mind) in the event that your data from one of your online account service providers is stolen.
This breach is the latest of several recent hacking incidents this year. Based on what we have been seeing, cybercriminals need to conduct extensive research into a target company in order to determine a weakness as their point of entry. The initial contact may either be a network attack or a social attack, depending on the weakness found. The weakness may be an infrastructure security hole or the good old human vulnerability, and the attacker will use the appropriate means to get inside the network. After that, the attack becomes all about keeping silent during exfiltration (releasing data from a computer system without the owner’s knowledge) until the attacker’s goal(s) are met.
So far, details are few about how this particular data breach was conducted, but we will be updating this blog entry as soon as new technical information comes in.
Leave a reply