Data stolen from 35 million South Korean social networking users

Filed Under: Data loss, Privacy, Social networks, Vulnerability

Cyworld
Hackers have broken into the popular South Korean websites Nate and Cyworld earlier this week, and stole information about 35 million social networking users.

Names, email addresses, phone numbers and resident registration numbers of users are said to have been compromised.

The BBC reports that the Korean Communications Commission has pointed the finger of blame at Chinese hackers, after it was discovered that the IP addresses of intruding computers were based in the country.

SK Communications, which owns both websites, have published an apology in the form of a website pop-up which offers more information (sorry, it's in Korean), including links for how users can change their passwords.

Warning message

For those who have been brought up with social networks like Facebook, Cyworld may seem a very strange environment with its Sims-like characters and virtual departments.

Cyworld

Although its US launch some years ago was unsuccessful, Cyworld is a phenomenon in South Korea with an astonishing 35 million users - a staggering figure when you consider the country only has a total population of 49 million people.

Let's just reiterate that. 49 million people live in the country, 35 million of them have had their personal information exposed because of this internet hack.

Wow. That's amazing. And not in a good way.

The most obvious danger is that users of the websites may be targeted by spam and phishing attacks through no fault of their own. Once again, a social network has done a poor job at protecting its users' information, and it's the public which has to carry the burden.

, , , , , ,

You might like

5 Responses to Data stolen from 35 million South Korean social networking users

  1. Dante · 1183 days ago

    "Cyworld is a phenomenon in South Korea with an astonishing 35 million users - a staggering figure when you consider the country only has a total population of 49 million people."
    Astonishing. It's almost like what the websites report are not actual users, but rather registered accounts (compare Facebook's 700 million "users").

    • Dante Moron · 1025 days ago

      Facebook is INTERNATIONAL while Cyworld is a Korean Local Website. There's no point in comparing the two you MORON!

  2. two cents · 1183 days ago

    on the one hand - this is bad because so many people's information is now at risk to be used for potentially malicious purposes... on the other hand - why aren't companies doing more to secure their data? Does anyone else find it interesting that most of the breaches lately have been of customer data and not company data (ok, yes some emails and stuff - but not the majority)... it makes me think they're securing their information more and their customer's information less. If they truly cared about their customers and not just the bottom line, they'd secure both equally.

  3. Sang · 1182 days ago

    @Dante:

    You're right in that what they're reporting is registered users, not actual users. I myself don't use it anymore, nor do my circle of friends. However, registration means all that info is *there*. So, the fact that 35 million people's information was hacked in a country whose population is 49 million is quite astonishing.

  4. Ivan · 862 days ago

    @Dante

    actually, the number of registered users is far closer to number of actual users, because in Korea, you need to register an account with your unique social security number. In other words, you might have multiple accounts, but these multiple accounts are directly linked to unique users.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.