"After the Lotte Card data leak broke, I received an alert that there was an attempt to make a payment in a country I've never even been to.""I never applied, but I was contacted that a reissue shipment from Lotte Card had started."Posts from Lotte Card members’ online community
As the hacking incident at Lotte Card leaked the information of 2.97 million people, anxiety is growing among members about secondary damage such as voice phishing. In particular, for 280,000 people whose sensitive information was additionally leaked, even the possibility of fraudulent card use is being raised. Lotte Card is recommending that members reissue their cards and change their passwords to prevent fraudulent use.
According to Lotte Card on the 19th, the company completed guidance via text message to all 2.97 million affected members the previous day on whether their information was leaked, the list of leaked information, and follow-up measures.
Those subject to the data leak are members who used Lotte Card for online payments from Jul. 22 to Aug. 27. While explaining that member information was leaked in encrypted form and the likelihood of actual fraudulent use is low, Lotte Card is still recommending password changes for safe use. Lotte Card argues that fraudulent card use is impossible with only the CI (connecting information) and virtual payment codes leaked this time.
However, for the 280,000 affected members whose sensitive information such as card numbers and CVCs (three digits on the back of the card) was leaked, the company advised that it strongly recommends changing passwords and reissuing cards. This is because they face a higher risk of fraudulent use than other affected members. However, members who were reissued new cards in or after September are excluded. No direct cases of fraudulent use have been reported so far.
If you did not receive a text, you are not subject to the data leak. Even so, if you want precise confirmation, you can view the list of leaked information directly through the Lotte Card application (app). In the Lotte Card app, you can also complete card reissuance, block overseas payments, and change your password all at once.
Affected members must report to the card company immediately if they find transactions different from usual. Even members with a low likelihood of fraudulent use should beware of secondary damage. Voice phishing or small-amount charges using the leaked information are typical. In particular, if you receive contact about card delivery you did not apply for, you need to be especially careful. Calling a fake customer service number can lead to monetary loss.
Lotte Card plans to fully compensate all damages arising from this leak. It will also provide, free of charge through the end of the year, Credit Care, a financial loss compensation service that covers damages from financial fraud such as phishing and hacking or from cyber extortion, and will operate a card transaction alert service that allows members to check card usage in real time.