After the Shinhan Card personal data leak, financial authorities began inspecting security across the entire card industry. Shinhan Card employees secretly took merchants' information for years to recruit new cardholders, and the move aims to check whether similar cases exist at other card companies.
According to the Financial Supervisory Service on the 16th, domestic card companies recently submitted their personal credit information status reports to the Financial Supervisory Service (FSS). Based on the materials, the Financial Supervisory Service will strengthen card companies' internal control procedures.
The FSS's inspection items included: ▲ whether members' personal information can be leaked by internal employees ▲ whether access rights to personal information processing IT systems are granted only to the minimum number of employees ▲ whether personal information inquiry permissions are differentiated by rank and job function.
The Financial Supervisory Service conducted an on-site inspection at Shinhan Card late last year, but the results are not yet out. The financial authorities are working closely with the Personal Information Protection Commission, which is currently investigating the data leak. At Shinhan Card, about 192,000 items of personal information were leaked from Mar. 2022 to May last year, and the financial authorities are checking whether any sensitive information is included.
The financial authorities plan to further strengthen security in the lending industry this year.