Shinhan Card Incident: 192,000 Franchise Owner Mobile Numbers and More Leaked

Shinhan Card announced on December 23 that it had reported to the Personal Information Protection Commission an estimated leak of approximately 190,000 records, including mobile phone numbers of merchant representatives.

The exterior view of Shinhan Card headquarters in Euljiro, Jung-gu, Seoul. Shinhan Card

Specifically, it was determined that 181,585 mobile phone numbers of merchant representatives, 8,120 records containing mobile phone numbers and names, 2,310 records containing mobile phone numbers, names, birth years, and genders, and 73 records containing mobile phone numbers, names, and dates of birth-a total of 192,088 records-were leaked for the purpose of new card recruitment.

A Shinhan Card official explained, "According to our investigation so far, personal information such as resident registration numbers, as well as credit information like card numbers and account numbers, has not been leaked."

The official added, "This incident is entirely unrelated to the information of general customers and concerns only merchant representatives."

According to Shinhan Card, the leak did not result from external intrusions such as hacking. The investigation revealed that it was due to the misconduct of some internal employees for the purpose of new card recruitment.

The Shinhan Card representative stated, "We have determined that there is no risk of the leaked information spreading further elsewhere."

Shinhan Card confirmed that there have been no damages resulting from the leaked information so far, but stated that it plans to actively provide compensation should any damages occur.

Shinhan Card has posted a notice and an apology on its website, and is operating a page where merchant representatives can check whether their information was included in the leak.

At the same time, the company is individually notifying the affected merchant representatives.

A Shinhan Card official said, "We sincerely apologize for the concern caused by this incident and will do our utmost to protect our customers and prevent similar cases from happening again."

The official further stated, "It is necessary to confirm through additional investigation whether this case constitutes 'use of personal information for purposes other than intended' or an actual 'information leak,' but we are taking measures equivalent to an information leak to proactively protect our customers."

Meanwhile, separate from Shinhan Card's response, the entire financial sector is closely watching whether the Financial Supervisory Service will conduct an on-site inspection.

After the Lotte Card personal information leak, the Financial Supervisory Service began frequent inspections, and following the Coupang incident, it also launched on-site inspections and even requested to participate in the investigation at Coupang's headquarters.

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.