April 18, 2011 S. Korea bank probed over "cyber-attack" shutdown
SEOUL: Regulators launched an inquiry Monday into South Korea's largest banking network in terms of branches, after a suspected cyber-attack left many customers unable to access their money for three days.
A system crash that started on April 12 left customers of the National Agricultural Cooperative Federation, or Nonghyup, unable to withdraw or transfer money, use credit cards or take out loans.
Financial Supervisory Service and central bank officials visited the bank's Seoul headquarters Monday to investigate whether it had complied with computer security rules.
The bank's services were partially restored after three days, but some -- including an advance cash service -- were still unavailable Monday. Some 310,000 customers have filed complaints and nearly 1,000 called for compensation.
The major technical glitch also temporarily deleted records of some of Nonghyup's 5.4 million credit card customers, leaving the firm unable at present to bill customers or settle payments to retailers.
Nonghyup, which has about 5,000 branches, said it suspected the problem was caused by cyber-attackers, who entered commands to destroy computer servers and wipe out some transaction histories.
"The latest incident was conducted internally...the meticulously designed commands entered through a laptop computer owned by a subcontractor company were carried out to simultaneously destroy the entire server system," Nonghyup official Kim You-Kyung told a briefing.
The bank pledged full compensation for any damages and stressed there was no leak of personal data.
It was the second major glitch at a financial firm this month, after Hyundai Capital said a hacker broke into its computer system and stole customer data.
Hyundai Capital, which has about 1.8 million customers, said it lost data on 420,000 customers such as names, residential registration numbers and mobile phone numbers.
About 13,000 passwords also appeared to have been hacked from customers' loan accounts, said Hyundai Capital which is also under investigation by regulators.
Consumer rights groups said they may file class action suits against the two firms.
"We have already enough people to qualify to file suits, but laws are not favourable to consumers in a case like this," Cho Nam-Hee, chief of the Korea Finance Consumer Federation, told AFP.
Cho said the level of protection that financial firms must by law maintain on its online systems is relatively low, and courts usually impose fairly light punishments.
http://www.channelnewsasia.com/stories/afp_asiapacific_business/view/1123478/1/.html
