Firms prepare lawsuits for victims of credit card company breaches

Local law firms are preparing class action suits on behalf of a number of consumers who have suffered both physical and mental damage from a massive personal data theft incident early this year for which the country's three-largest credit card companies had to take responsibility for in the past three months.

The three card companies at the heart of the recent data security breach scandal, KB Kookmin Card, NH Nonghyup Card and Lotte Card, resumed business on May 17 after a three-month suspension following the uncovering of the scandal in January. But the security breach was unprecedented globally in terms of the amount of personal data that was stolen last year and customers are still apathetic.

On Jan. 8, the Changwon District Prosecutors’ Office announced that 104 million cases of data security breach had occurred when various types of private information was by the three companies, including credit card numbers, expiration dates and other related data.

Two months later, prosecutors confirmed the incident had affected the personal data of about 80 million people had been traded in the market. The Financial Supervisory Service (FSS) launched a special probe of the three companies. As a result, the financial authority imposed a business operation suspension on the three companies on May 17.

Although the card companies are now open for business again, they will quite likely continue to suffer from unabating consumer claims and about $70 million worth of lawsuits that have been instigated so far. New claims are expected to arise in the next two to three years.

Though the claims are based on psychological stress caused by breach of personal data, the card companies are refusing to compensate for mental damages saying they will not act unless the court tells rules against them.

Recently, Barun Law LLC (www.barunlaw.com), one of the top-10 ranking law firms in Korea, has started representing customers in a class action suit. The firm plans on publicly gathering plaintiffs through their class action website.

Attorney Young-noh Choi, a partner at Barun, said, “Due to the data sharing system among Korean financial institutions, personal data of consumers who are not even customers of KB, NH or Lotte Card, have been leaked on a massive scale. Almost all personal data of those who have any accounts in the country have been exposed. No matter whether you have a credit card or not, once you set up a bank account with any Korean financial institution, you definitely need to check for possible exposure.”

Unlike the U.S., Korea does not have a class action model for the plaintiffs, with only one exception for stock market related cases, which means that the plaintiffs have always instigated liability suits with the court on an individual basis.

Not only is this case the first of its kind in terms of the enormity of the data breach, but the litigation model will be the first of its kind too, with a Korean law firm gathering plaintiffs from all over the world, collecting evidence and otherwise providing representation -- all on an online basis.

Korea ranks number three in terms of countries that have the most annual card usage. It may be partly due to the fact that one individual could be a member of several credit card companies but the instances of data breach have reached more than double the number of the Korean population, 50 million, as the result of the country’s data sharing system.

BY SHIM JAE-WOO