Almost 1.9m Ppomppu user accounts hacked

A special government investigation team has been set up to track the hackers who stole the personal details of almost 1.9 million users on the country’s largest community website.

Users are being urged to change passwords and user IDs immediately after Ppomppu, a popular online community for sales of the latest electronic products, posted a notice on Friday confirming that the stolen information includes a user’s ID, password, birthday, email address, nickname, the day of membership and the ranking as a member.

The 13-digit national registration ID number, however, was not stolen, as the website does not require it for membership, the notice read.

“Please change your ID and password if they are identical to those of your membership at other websites,” the post said. “Ppomppu will do our best to curb further problems by mulling over all measures and ways. We sincerely apologize for this by bowing our heads.”

The government’s joint investigative team includes private specialists and was set up by the Ministry of Science, ICT and Future Planning on
Saturday.

The ministry said the state-run Korea Communications Commission will send an email to all users to notify them about which information was stolen and the measures they should take to minimize further damage. The email also provides a list of telephone numbers of authorities for inquiries.

Monitoring of the illicit distribution and use of any leaked information will be intensified, according to the ministry. A center will be set up to receive reports on other hacking incidents around the clock.

Changing passwords is crucial, the ministry said, as the stolen information could be used for additional crimes such as voice phishing.

“The level of hacking is not that high,” a Science Ministry official said by phone. “Hackers attacked the system that manages the personal information.

“But we haven’t figured out where the hackers were based,” he said. “Through an investigation with police, the commission will make an announcement on the result later.”

Given that the website has approximately two million members, hackers did not steal information on all members, the official added.

“As Ppomppu allows a single person to register multiple IDs, the actual number of people whose information was leaked is expected to be smaller than 1.9 million,” said an official from the commission.

The website, which opened in November 2005, started as an online community site sharing information on shopping. In the late 2000s, it gained popularity as a place for sales of IT-related gadgets.

BY KIM HEE-JIN [kim.heejin@joongang.co.kr]