Popular Shopping Site Loses User Data That Goes Up for Sale
User data lost from Auction.co.kr has been posted on the Chinese Websites and made available for sale, raising concerns over possible damage from spam mail or voice phishing. According to South Korea's principal police officials, a theft occurred on the personal data of 10.81 Million users from the well-known Internet shopping site hosted in Korea, as reported by Donga on April 21, 2008.
According to the officials, the data post titled, "Buy Naver, Auction Ids at a good price", appeared on the Internet portal, 02SKY in China. The portal (O2SKY) is based in Jilin and established for ethnic Koreans living in China runs under the Yanbian autonomous branch of China Netcom.
According to sources from the industry, the personal information of the Auction users was stolen in February 2008. The data posting, which also offered the seller's contact details, was made on April 11, 2008 before being removed on April 20, 2008.
According to a source of the police, they had never known of 02SKY before this. However, they have confirmed those users' names from the Auction that were being traded on other Chinese sites.
The police source said that it is still not clear if the data lost in February 2008 was particularly responsible for the identity trade. Korean police have said that they would cooperate with Chinese investigators in the probe. It further said that since the posting was made on a Chinese Website, the stolen data presumably would be sold on other Chinese sites as well.
The number of victims in the theft counted to around 270,000. About 1,500 postings have indicated attempts of spam mail and voice phishing since March 6, 2008.
One of the victims, a woman, narrated how a man called her to tell that her brother was injured and so she should send 30 Million won right away. The lady said that the man knew her brother's name. And when she checked with Auction she found that her personal information along with her brother's had been captured.
However, according to an Auction source, since the passwords of the site are coded it is unlikely that the theft would initiate other crimes.
Related article: Popular Firefox Inching Towards Malware’s Target
» SPAMfighter News - 23-04-2008