jm + web + identity   1

Massive identity-theft breach in South Korea results in calls for national ID system to be abandoned
In South Korea, web users are required to provide their national ID number for "virtually every type of Internet activity, not only for encrypted communications like e-commerce, online banking and e-government services but also casual tasks like e-mail and blogging", apparently in an attempt to "curb cyber-bullying". The result is obvious -- those ID numbers being collected in giant databases at companies like "SK Communications, which runs top social networking service Cyworld and search site Nate", and those giant databases being tasty targets for black-hats. Now:

"In Korea’s biggest-ever case of data theft the recent hacking attack at SK Communications, which runs top social networking service Cyworld and search site Nate, breached 35 million accounts, a mind-boggling total for a country that has about 50 million people and an economically-active population of 25 million. The compromised information includes names, passwords, phone numbers, e-mail addresses, and most alarmingly, resident registration numbers, the country’s equivalent to social security numbers."

This is an identity-fraudster's dream: "In the hands of criminals, resident registration numbers could become master keys that open every door, allowing them to construct an entire identity based on the quality and breadth of data involved."
south-korea  identity  fraud  identity-theft  web  bullying  authentication  hacking 
june 2012 by jm

Copy this bookmark:



description:


tags: