By Kang Seung-woo
Hyundai Capital’s database was hacked via servers in the Philippines and Brazil by people who stole information little by little in order to avoid detection.
Hyundai Capital was blackmailed by an unknown hacker demanding 500 million won ($460,500) in return for not releasing the confidential financial information of some individuals. Later the day, Hyundai reported the case to the police.
Hyundai transferred 100 million won to accounts that hackers had specified to aid police investigations. The police put surveillance on an automatic teller machine (ATM) but failed to capture the culprit
Hyundai Capital CEO Chung Tae-young returned from a business trip to Norway and the police additionally found that the account numbers and passwords of 13,000 prime loan pass users had been stolen.
Hyundai held a press conference and said that its ongoing internal investigation revealed that not just personal data ― names, residential registration numbers, mobile phone numbers and e-mail addresses ― but also key financial data required to make financial transactions, such as passwords, were grabbed by the hackers.
The Financial Supervisory Services (FSS) launched an intensive investigation into the hacking. The investigation is focusing on whether Hyundai Capital encoded its customers’ passwords for enhanced security. The financial watchdog is also expected to inspect the security system of Hyundai Card, its affiliate, to check if personal information was hacked.
The police investigated a suspect for the leak of personal information. The 33-year-old man was caught because he paid a usage fee for one of the Internet servers involved in the hacking of Hyundai Capital. The man said in the investigation that he paid 6,600 won for access to a domestic server on behalf of an unidentified person he met through an Internet chat site, at his request, according to the cyber investigation unit of the Seoul Metropolitan Police Agency.