A hacker stole customer names and home addresses from a major South Korean financial lender then blackmailed the company to not release the information online, according to UPI.
Hyundai Capital, an affiliate of South Korea’s top automaker, said critical financial information was not released. Investigators were unsure if the hacker obtained cellphone numbers and email addresses for the 420,000 people whose data was accessed.
Yonhap news agency said Sunday the hacker likely used servers in the Philippines and Brazil to steal the customer data.
“It seems that a group of one or more than one seasoned hackers was involved in the case,” an one investigator at the Seoul Metropolitan Police Agency told Yonhap. “It is highly likely that there is also an overseas accomplice, not only at home.”
Hyundai Capital became aware of the hacking on Thursday after receiving an email from the hacker demanding money for not posting online data about 420,000 of its customers, according to The Korea Herald.
The company publicly announced the incident Friday after authorities failed to catch the cyber crook before the 7 p.m. deadline that day for making the payment.
Chung Tae-young, president of Hyundai Capital and Hyundai Card, said he was “remorseful and ashamed” that the breach could not be prevented.
“I ask our customers to rebuke us by all means, but do not become prey to excess anxiety,” he said, according to Korea JoongAng Daily. “We are putting all we have toward stopping a second round of hacking and to never letting this happen again.”