No credit to card companies

South Korean people are incredulous after learning of more extensive leaks of personal information from three major credit cards that lost client data of nearly half the population a few months ago. The largest-ever theft of personal financial data from KB Kookmin Bank, Lotte Card and NH Nonhyup Card sent thousands seeking cancellation or issuance of new credit cards. Even as regulators banned the three companies from issuing new credit cards, the damage appears to be far from over - despite adamant assurances to the contrary by top financial officials.

Special investigators at the prosecutor’s office in Changwon, South Gyeongsang, announced Friday that they arrested four loan shark agents suspected of trafficking stolen credit card client information. The same office was the first to discover the theft of customer data from the three credit companies. In January, it indicted an employee of the Korea Credit Bureau who stole data on 140 million customers and sold some of it to loan marketers. The Supreme Prosecutor’s Office assured the public there was no further leakage. The deputy prime minister in charge of the economy and chief of the Financial Services Commission made the same claims, along with the heads of the three major card companies. But the latest crackdown confirmed that personal data from as many as 80 million additional accounts had been sold.

Customers who believed the financial authorities and credit card companies have been utterly betrayed. Instead of thoroughly investigating, the authorities and the industry were more worried about a massive cancellation of credit cards. The latest leak contained sensitive data, such as customer names, resident registration numbers and bank accounts that could be abused for illegal loans, marketing, forgeries and financial crimes. Some of the data stolen from Lotte and Nonghyup clients also included credit card serial numbers and maturity dates that could be used to buy things on websites. Authorities should have acted against the worst dangers and yet they repeatedly assured consumers that they had nothing to worry about. They had plenty to worry about.

Regulators, law enforcement authorities and credit card companies must take full responsibility. Punishment for the misappropriation of personal data must be toughened. Theft continues because there is demand. The illegal practice won’t stop unless its perpetrators are faced with the strongest consequences when - or if - they are caught.

JoongAng Ilbo, March 17, Page 30