[Asia Economy Reporter Kim Hyo-jin] The Financial Services Commission announced on the 7th that it is currently verifying the authenticity of the information after an unidentified hacker claimed to have stolen data from E-Land Group and publicly released approximately 100,000 card details.
In the same day's "Public Notice on Card Information Disclosure on the Dark Web," the Financial Services Commission stated, "We are working with the Financial Security Institute, the Credit Finance Association, and credit card companies to verify the authenticity of the disclosed card information and to prevent fraudulent transactions," adding, "So far, no suspicious transactions have been detected through the Fraud Detection System (FDS)."
The Financial Services Commission explained that the disclosed card information does not include passwords or CVV (CVC) details required for online payments, and since the use of IC card terminals is mandatory for offline card payments, it would be difficult to fraudulently use the cards with only the disclosed information.
The Financial Services Commission also stated, "We will continue to verify card information and operate the FDS according to the manual to prevent damage if additional card information is disclosed in the future."
The FDS is a system that notifies consumers via phone or text message when abnormal signs are detected and blocks card payment approvals. If consumers suffer damages due to fraudulent card use, financial companies compensate the full amount according to relevant laws.
According to financial authorities, an unidentified hacker carried out a ransomware attack on E-Land Group on the 22nd of last month and publicly released about 100,000 card details on the dark web on the 3rd.
Ransomware is malicious software that encrypts data on a user's computer and demands money in exchange for decrypting it.
However, it has not yet been confirmed whether the disclosed information was obtained through hacking E-Land Group's computer network or if the card information is genuine.
E-Land Group previously stated that major information, including card details, has been encrypted and managed on a different server unrelated to the ransomware attack.
The dark web refers to websites accessible only through special browsers, making IP (internet address) tracking difficult, and is often used for cybercrime.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
