Chinese Hackers Blamed for Huge South Korean Database Theft

Hackers have stolen the personal data of 35 million users of the South Korean social network Cyworld and search engine Nate, the company that runs them, SK Communications, has admitted.

The country’s regulator, the Korea Communications Commission, said in an official statement that SK Telecom had traced the attack to IP addresses in China, and involved the theft of phone numbers, email addresses, and encrypted data such as passwords and ‘resident registration’ numbers of users of the service.

Cyworld is a domestic competitor to foreign services such as Facebook and twitter, while Nate has a more Korean flavour in which users use avatars to inhabit to virtual houses, and share photos and videos from smartphones.

Assuming the most sensitive data has been taken in its encrypted form, the scope of the attack for the services is likely to be low. Users will be asked to reset those credentials. Access to the services is also free which means no financial data will have been taken.

However, as with the Sony data breach from earlier this year, the main worry is that the data theft will fuel a rise in spamming, phishing and social engineering attacks.

South Korea and it companies are a regular target for attacks, and China and neighbour North Korea are usually blamed. What stands out in the latest attack is once again its size and scope. The entire user database seems ot have been compromised.

“It’s too early to say whether this attack is politically motivated or merely an attempt to steal personal information for financial gain. However it’s now becoming increasingly difficult to differentiate between attacks on military, communications, financial, civilian or critical infrastructure targets,” said Mark Darvill of security company AEP Networks.