Thursday, 28 July 2011

Data stolen from 35 million South Korean social networking users | Naked Security

Data stolen from 35 million South Korean social networking users

Facebook logoOver 30,000 people are part of the Sophos community on Facebook. Why not join us on Facebook to find out about the latest internet and Facebook security threats. X

Twitter logoHi fellow Twitter user! Follow our team of security experts on Twitter for the latest news about internet security threats. X

YouTube logoDon't forget you can subscribe to the SophosLabs YouTube channel to find all our latest videos. X

RSS logoHi there! If you're new here, you might want to subscribe to the RSS feed for updates. X

Filed Under: Data loss, Featured, Privacy, Social networks, Vulnerability

Hackers have broken into the popular South Korean websites Nate and Cyworld earlier this week, and stolen information about 35 million social networking users.

Names, email addresses, phone numbers and resident registration numbers of users are said to have been compromised.

The BBC reports that the Korean Communications Commission has pointed the finger of blame at Chinese hackers, after it was discovered that the IP addresses of intruding computers were based in the country.

SK Communications, which owns both websites, have published an apology in the form of a website pop-up which offers more information (sorry, it's in Korean), including links for how users can change their passwords.

Warning message

For those who have been brought up with social networks like Facebook, Cyworld may seem a very strange environment with its Sims-like characters and virtual departments.


Although its US launch some years ago was unsuccessful, Cyworld is a phenomenon in South Korea with an astonishing 35 million users - a staggering figure when you consider the country only has a total population of 49 million people.

Let's just reiterate that. 49 million people live in the country, 35 million of them have had their personal information exposed because of this internet hack.

Wow. That's amazing. And not in a good way.

The most obvious danger is that users of the websites may be targeted by spam and phishing attacks through no fault of their own. Once again, a social network has done a poor job at protecting its users' information, and it's the public which has to carry the burden.

, , , , ,

About the author

Graham Cluley is senior technology consultant at Sophos. In both 2009 and 2010, the readers of Computer Weekly voted him security blogger of the year and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which is very cool. His awards cabinet bulging, he was voted "Best Security Blogger" by the readers of SC Magazine in 2011. You can contact Graham at, or for daily updates follow him on Twitter at @gcluley.