[privacy] Citibank Korea Customer Data Hacked, Purchases Made

["Fergie" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Via Maeil Business (props, Pogo Was Right).

[snip]

Personal data on the Citibank e-payment system, used for e-commerce, has
been hacked, allowing illegal transactions on bank users' credit cards.

According to the banking industry, 20 credit cards issued by Citibank of
Korea have been illegally settled from Feb. 1 to 6, worth 50 million won
[USD $53,504].

Citibank Korea has requested an investigation from the National Policy
Agency's Cyber Terror Center after finding the company's e-payment system
was hacked to garner dates on the customers' credit card information and
passwords in order to make charges.

Hackers targeted under-300,000 won [USD $321] financial transactions of
companies with weak e-payment security.

That method was used, as below-300,000 won financial transactions can be
made by inserting basic personal information, such as credit card numbers
and passwords without official certificates.

"Unlike other banks, Citibank has omitted the process of inserting the Card
Validation Code (CVC) when executing e-payments, allowing the culprits to
take illegal actions," said an official from the Financial Supervisory
Service (FSS).

[snip]

More:
http://news.mk.co.kr/newsReadEnglish.php?sc=30800005&cm=General&amp
;year=2007&no=83542&selFlag=sc&relatedcode=&wonNo=&sID=308

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFF1KFDq1pz9mNUZTMRAhSvAKD6odEGWpVe7uguc0tQSLehq6j5+gCdHayA
mqakdvaPXaOJFZ5BEOtoBxU=
=1jXq
-----END PGP SIGNATURE-----



--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
privacy mailing list
privacy () whitestar linuxbox org
http://www.whitestar.linuxbox.org/mailman/listinfo/privacy