Fallout of parachute appointments
At first, it didn’t look that serious. Scandals often come and go in Korean society. The presidents of KB Kookmin Card, Lotte Card and NH Nonghyup Card - the companies involved in the leak crisis - immediately held a joint press conference and announced their resignations, thereby taking responsibility for the leaks, which are feared to have affected nearly half the population.
It was an unusually prompt and joint show of accountability from financial institutions. But they drew a clear line on culpability. They made it clear that the credit card details were stolen and illegally traded by an IT contractor working for the Korea Credit Bureau, which produces credit scores for financial institutions and consumers. They even declined to stand next to the KCB representatives for a photo session by journalists, and they kept their heads down in a show of apology to the public. They may have wanted to send out the message that they, too, were victims.
In retrospect, the credit card companies did not take the matter that seriously at first. Even though it took just minutes for the temporary worker to download the personal data of 20 million credit cardholders, they considered the theft an unfortunate “accident.” If there had not been strong words from President Park Geun-hye, who was informed of the disaster while attending an economic forum in Davos, Switzerland, the three company presidents might have not hastily organized a press conference and offered to resign. The government and financial sector believed the officials made an effort to apologize. They thought the crisis would die down and they could be forgiven and forgotten. But it has not.
The disaster opened Pandora’s box, exposing the vulnerability, fragility and the shadows behind a country where credit cards, the Internet and smartphones are indispensable in daily life. The media unleashed reports of swarming fraudulent brokerage services trading consumer information, poor financial security and protection on personal data, and lack of public awareness on civilian and consumer rights on privacy.
There was nothing new about the reports. What had been commonplace and long tolerated was freshly investigated and highlighted. It reached a point where consumers no longer can sit quietly and tolerate how their private information was stolen, mined and traded to God knows where and to whom.
The public fury is understandable. The people’s privacy has been violated too often, and we have seen few taking responsibility. When the computer data network of Nonghyup bank was hacked three years ago, there was a similar racket that died down later. Then-head of the institution Choi Won-byung said he could not take the blame because it was the fault of the company’s employees. It helped to be a part of the president’s high school alumni. Choi had his vice president take the blame and he recently was re-elected to a four-year term at the state-invested farming lender for 30 million customers around the country.
Hyundai Card in the same year also suffered hacking into its database, and its leak of 1.74 million individuals’ information included sensitive personal details. Chung Tae-young, chief executive of Hyundai Card and Hyundai Capital Services, cut his overseas business trip short to apologize for the theft. The company suffered a major blow and came under scrutiny. But so far, the financial regulator keeps dragging its feet on penalizing the company.
Hacking, theft, leaks and trade on consumer databases since then only increased. Over the last two years, leaks of information from more than 10,000 consumer accounts were reported more than 20 times. But we have not seen any progress, nor has anyone taken responsibility. Scurrying to ease consumers’ jitters, rage and mistrust in their financial security, regulators pumped out one tough measure after another. As a result, almost every online and credit card transaction comes under tight security scrutiny, from pizza delivery to a mobile phone settlement of less than 1 million won.
Overlapping and excessive regulations have only aggravated consumer complaints and inconvenience. The deputy prime minister recently came under fire by saying the people, or consumers, should also share the responsibility. With the government under attack, scapegoats are now inevitable. The once-financier said not many CEOs of financial institutions would be able to finish their terms comfortably. The financial industry is in one of its worst times. Companies’ profits are low, security control is weak and risk management is a mess. It is the fallout of the legacy of revolving-door appointments of financial CEOs. The heads of financial institutions had been too preoccupied with pleasing people in power to pay attention to run good business. Now it is payback time. Someone ought to pay the price.
*The author is an editorial writer of the JoongAng Ilbo.
By Yi Jung-jae