The Financial Supervisory Service warned that it will impose strict sanctions, including a penalty surcharge of up to 5 billion won, in the event of hacking incidents at lending companies and customer information leaks.

The Financial Supervisory Service (FSS) said on the 13th that it held a meeting with chief executive officers (CEOs) of the top 20 lending companies and urged caution by briefing them on the types and main causes of hacking incidents.

Financial Supervisory Service in Yeouido, Seoul/Courtesy of Financial Supervisory Service

After hacking incidents occurred one after another at lending companies such as NR Capital and MSI and customer information was leaked, the FSS moved to respond. Kim Hyeong-won, assistant deputy governor in charge of public livelihood finance, who presided over the meeting, noted that although the lending sector is obligated under the Credit Information Act to establish security measures, hacking occurred because they neglected to invest in information security infrastructure.

To prevent a recurrence, Assistant Deputy Governor Kim asked for the following: ▲ restrict external internet access on work PCs ▲ immediately improve vulnerabilities through security diagnostics by professional security firms ▲ establish technical, physical, and managerial security measures such as encrypting personal credit information. He also emphasized strict sanctions, including a penalty surcharge of up to 5 billion won, if customer information is leaked due to violations of obligations.

The recent hacking incidents at lending companies occurred when employees became infected with malware while accessing external internet sites on work PCs. Hackers attempted to access databases (DB) and business systems to steal customer information through PCs infected with malware. Lending companies with weak access controls (such as firewalls) failed to block the hackers' intrusion, leading to the leakage of customer information stored in DBs.

While CEOs of lending companies who attended the meeting agreed on the need to strengthen security, they also offered the view that small lending companies face difficulties in implementing security measures under the Credit Information Act and need support from the supervisory authorities and the Korea Lending Finance Association.

The FSS plans to guide institutions to strengthen their security levels to prevent harm to financial consumers from hacking incidents.

※ This article has been translated by AI. Share your feedback here.