hankyoreh

By Han Gwang-deok, Senior Staff Writer　

A rash of customer information leaks by credit card company employees is prompting concerns about serious problems with the companies’ internal control systems. Experts commented on the need for special inspections of credit company information security and internal control systems.

Hana SK Card announced Monday that it had asked prosecutors to investigate allegations that an employee leaked around 200 pieces of customer information, including names, contact details, and resident registration numbers.

Previously, a Samsung Card employee was accused in late August of leaking personal information for 800 thousand customers, including names, mobile phone numbers, workplaces, and ages. Police are currently investigating the accusations.

The latest leak less than a month later means that customer information leaks have occurred at two major credit card companies.

In both cases, the employees accusing of leaking information were in departments where they handled personal customer information. The Hana SK Card employee worked in telemarketing planning, while the Samsung Card employee was a marketing manager. In each case, the employee engaged in transactions with outside companies using the customer information they administered. The Hana SK Card employee was found to have provided information to an outside telemarketing business, the Samsung Card employee to a loan brokerage.

In both cases, the company’s internal monitoring system failed to function properly. Prior to receiving a tip-off from an outside party who claimed to possess customer information, Hana SK Card was completely unaware of the leak. Samsung Card likewise found out about the irregularities belatedly during an inspection of its internal security system.

Hana SK Card believes that around 200 pieces of customer information were leaked, and that it did not include financial transaction information such as passwords and bank account numbers. But while Samsung Card initially said customer information of 18 thousand individuals was leaked, the total was later revealed to be 800 thousand. Observers are also saying the information said to have been leaked is based on the account of the party involved, leaving its credibility in question.

Intense competition among credit card companies, with Woori Bank set to spin off a company early next year, is another factor exacerbating the risk of customer information leaks. As of late June, the total number of credit cards in circulation was 122.3 million, up 4.9 percent from late 2010 and in excess of the 100 million circulating at the time of the 2003 credit card crisis. With companies encouraging membership applications, front-line employees were able to easily access customer information.

The results indicate the need to place strict limits on the authority to access such information in order to head off leaks by employees. Observers are saying key information such as resident registration numbers should be masked to prevent employees from seeing it.

Please direct questions or comments to [englishhani@hani.co.kr]