A lending platform allegedly sold 200,000 users’ personal information to loan lenders and loan sharks without permission, according to a joint inspection by South Korean authorities on Monday.
In a press release, the Financial Supervisory Service (FSS), the Financial Security Institute (FSI), the Gyeonggi provincial government, and the South Korean national police stated that they looked into seven lending platforms registered in the Gyeonggi province from April 12 to 14 and 18 to 21. These companies have more than 60% of total loan lenders, who use their platforms for advertising, as their users.
According to the statement, one of the companies sold all of their 200,000 members’ data to both legal and illegal money lenders. The data includes sensitive information such as phone numbers, home addresses, family relations, occupations, salaries, credit scores, and records on loan transactions and late payments. They set each piece of information at different price ranges, from 1,000 to 5,000 won (approximately $1 to $4).
“It seems that they collected this information for the purpose of selling it and then sold it to multiple venders,” said an official from FSS who works closely with the matter to The Readable.
Furthermore, the joint inspection team discovered a hacking attempt against one of the lending platforms where an attacker tried to infiltrate the system 1,909 times within 11 minutes. The team also discovered a loan agency that hacked into another lending platform system and secretly accessed their customers’ phone numbers.