[Asia Economy Reporter Seungjin Lee] Recently, cases of account information theft have been on the rise. Those who use the same ID and password across multiple websites should change their passwords.
The Personal Information Protection Commission announced on the 20th that there has been a surge in 'credential stuffing' account information theft cases targeting online shopping malls, urging users to exercise special caution.
'Credential stuffing' attacks involve hackers randomly inputting user accounts (IDs) and passwords that have already been leaked or previously stolen into other websites. If the login is successful, the attacker steals the user's information. If an account and password are compromised in one place, personal information leaks and financial damages can occur due to account theft across multiple websites.
The Personal Information Protection Commission is currently investigating online shopping malls where signs of personal information leakage due to 'credential stuffing' and other account information theft have been confirmed. They explained that if any violations are found, strict measures will be taken according to the Personal Information Protection Act.
Additionally, users of shopping malls are urged to use different passwords for each website to prevent secondary damage caused by account information theft. They also advised that websites or apps capable of two-factor authentication?such as mobile phone text verification, email verification, phone verification, or biometric authentication?should have two-factor authentication set as mandatory to enhance security. Furthermore, it was recommended to withdraw membership from websites that have not been visited for a long time or are no longer needed.
Yang Cheongsam, Director of the Investigation and Coordination Bureau at the Personal Information Protection Commission, requested, "Online shopping mall operators should thoroughly analyze and inspect user access records and usage status to detect any suspicious cases of account information theft. If possible, they should take additional measures such as guiding password changes and implementing two-factor authentication to prevent account information theft."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![Clutching a Stolen Dior Bag, Saying "I Hate Being Poor but Real"... The Grotesque Con of a "Human Knockoff" [Slate]](https://cwcontent.asiae.co.kr/asiaresize/183/2026021902243444107_1771435474.jpg)
