Baemin operator becomes latest victim of data misuse by partner firm

A rider for Baedal Minjok drives in Seoul, Feb. 8, 2022. Yonhap

Woowa Brothers, operator of major online food ordering platform Baedal Minjok, has become the latest company to suffer a customer data leak carried out by a criminal ring.

Woowa Brothers said it was informed by Seoul's Yangcheon Police Station on Friday that a partner firm managing its customer service center had been infiltrated by a member of a criminal group disguising as a new recruit. The perpetrator intended to steal the personal data of a Baedal Minjok customer, including the person’s contact number and address.

Police said the criminal had been paid by an unidentified client seeking personal retaliation. After acquiring the necessary information to approach the target, the criminal left human excrement and scribbles on the entrance door of the victim’s home.

“Yangcheon police first informed us about the crime last Friday, shortly after which they apprehended all the suspects. The police were heading to the Seoul Western District Prosecutors’ Office to determine whether arrest warrants would be required,” a Woowa Brothers official said.

Police said the criminals acted like a private “solution provider” and accepted orders through online messenger platform Telegram.

The company said it has reported the case to the state-run Personal Information Protection Commission and notified customers who were likely targeted by the criminals about their apprehension. It added that it will revoke its partnership with its customer service provider after inspecting all customer data handled by the firm.

“We take extremely seriously this incident involving a member of a criminal organization who gained fraudulent employment at our outsourced customer service center and misused customer information. We will disclose all follow-up measures based on the investigation results,” the company said in a statement Monday.

Recognizing the gravity of the situation, Woowa Brothers said it will strengthen its internal controls on handling customer data. The company said it will overhaul its management systems by tightening recruitment standards for counseling staff and conducting a comprehensive inspection of current practices.

The incident is the latest in a series of customer data leaks suffered by companies here since last year. Coupang unknowingly allowed a Chinese employee to steal the personal data of the e-commerce giant’s 33.7 million customers for five months without detection. SK Telecom and Lotte Card also found loopholes that affected more than 23 million and 2.97 million customers, respectively.