hankyoreh

Police launched an investigation into a case in which the personal information of more than 11 million of GS Caltex Corp.’s customers was leaked.

On September 5, the Cyber Terror Response Center, a police unit in charge of online crimes, said it is investigating how two compact discs containing personal information on some 11.19 million people was leaked from inside GS Caltex, the nation’s No. 2 oil refiner. The two compact discs were found on a street in Seoul’s Gangnam district, where many karaoke bars are located. According to the police unit, the compact discs contain 76 Excel files in a folder labeled “GS Caltex Customer List,” which includes personal information on customers who were born between 1940 and 1992.

The files included the customers’ names, resident registration numbers, home and office addresses, home and mobile phone numbers and e-mail addresses. In addition, some of the files have information on its customer’s companies. Both compact discs contain personal information on customers living all over the nation, including in Seoul, Gyeonggi, Gyeongsang and Jeolla provinces and Jeju Island. Among the customers listed were government ministers, presidential aides, senior officials with the police and the National Intelligence Service as well as some TV celebrities.

The case was first reported by online news provider Nocutnews. “A office worker notified us that he had accidentally found the compact discs in a garbage can in a backstreet on his way home. We asked GS Caltex to confirm it on September 4,” said a Nocutnews official. GS Caltex asked police to investigate the case on the morning of September 5.

Earlier that day, police sent a team of officers to GS Caltex to identify whether and how the personal information had been leaked. Police said they had confirmed that one of the two compact discs is a sample disc that contains duplicated files and they are now investigating whether the sample disc had been copied for its possible sale.

GS Caltex held a press conference on the afternoon of September 5. “After asking police to investigate the case, we conducted an internal probe and concluded that most (of the leaked data) is identical to the company’s customer data,” a GS Caltex official said. “The customer database is used for a bonus membership and mileage program, so it does not include information on credit card numbers or bank accounts. So far, there have been no signs of hacking and no reports of blackmailing or threats for money.”

GS Caltex said it had “apologized for causing customers to worry” and resolved to “handle the case transparently and fairly,” on behalf of its customers, while keeping an eye on the outcome of investigation.

Please direct questions or comments to [englishhani@hani.co.kr]