The South Korean police said on Monday that they have arrested twelve individuals belonging to a criminal group suspected of breaching 385 websites and stealing the personal data of almost 7 million customers. The leader, a 48-year-old male, a high-ranking member, a 40-year-old male, and a computer hacker, a 25-year-old male, were among seven members who were taken into custody.
According to the Jeonnam provincial police, the suspects breached a notable business media outlet’s website and stole 300,000 cases of subscribers’ information including names, addresses, phone numbers, and dates of birth. This was the largest volume of information leaked from a single website, according to the police who have been investigating the allegations.
A popular matchmaking company in South Korea has also fallen victim to the criminals’ illegal activities. The police explained that the hackers gained access to almost 110,000 cases of customers’ sensitive data, including resident registration numbers, occupations, and information about their family relations. The police did not disclose the name of either company.
In addition, law enforcement officials have found personal information stolen from a database of hospitals’ web pages, including the advertising site of a plastic surgery clinic. “Data such as names, addresses, and phone numbers of patients have been breached,” said Lee Yong-geon, the head of the cybercrime investigation division of the Jeonnam provincial police, to The Readable. “We have not detected a leakage of patients’ medical information during the investigation.”
In a press release, the police stated that the culprits organized a hacking for service channel on a social media platform in August 2020 and charge their clients from one million won (approximately $800) to five million won ($3900) for exploiting a company website and stealing its customers’ personal information.
The police believe that the criminals, who were latecomers to the online gambling market, first used digital attacks as a means of luring more customers to their gambling site. The suspects later discovered that the websites are extremely vulnerable to cyberattacks and decided to sell the stolen databases on social media platforms for financial gain.
The criminals have chosen to target the websites of companies which have not yet updated their security programs, said Lee to The Readable. He did not disclose the specific hacking tools used to prevent others from following in the footsteps of the criminals.
“The hacker had previously been in contact with the members of the group,” said Lee when The Readable asked if the criminals group had recruited hackers for their illegal activities. The official shared with The Readable that the 25-year-old suspect had been charged with minor crimes related to hacking before his arrest and had made attempted hacks when he was underage.
The South Korean police are also looking into the clients of the criminals to find out if they have made any additional transactions with third parties related to the stolen data that they have received.
“There needs to be further investigation to discover if the leaked data has been exposed on the dark web,” said the head of the cybercrime investigation division. “Users should set their passwords differently for each website since it is easy for criminals to exploit exposed usernames and passwords.”