ISPs Eyed in ID TheftISPs Eyed in ID Theft
Two Korean ISPs alleged to have signed more than 7M customers up for new services without their permission
August 9, 2007
5:40 PM -- A truly disturbing report came out of Korea earlier today. Here's how it was reported by the trade pub IT Week:
Police are investigating South Korea's two biggest ISPs on suspicion that they broke identity theft laws on more than 7 million occasions. The two companies, KT and Hanaro Telecom Inc., are suspected of signing up more than 7 million customers for services without their permission, according to police sources cited by local media today.
Many of the company's Internet service customers were apparently illegally signed up for additional services by telephone sales agents, who did not obtain the written consent required under law, police say. Reports say the two ISPs may have illegally signed up 7.3 million of the 10 million households and businesses in the country that rely on them for Internet service.
More than 60 employees and agents working for the two firms are now being questioned by police. KT has announced that it is cooperating with authorities and that it will improve internal data security procedures. Hanaro Telecom CEO Park Byung-Moo made an apparent apology at a press conference today, saying "he feels sorry to customers for causing such trouble," according to the Korea Herald.
The two companies provide a wide variety of services through their Web portals, including email, auctions, and games. Many of these services are free or advertising funded, although some require payment. It is not yet clear if any customers were illegally signed up for paid services.
"Even though subscribers are not aware they are internet site members and do not visit them, the high number of members itself can give website operators sales and marketing power in pushing for contracts with other businesses, for example, in advertising," detective Jeong Hyung-Won of Seoul's cybercrime investigation team told the Korea Herald.
Hanaro Telecom has also been accused of illegally sharing subscriber contact information with outside firms, which then contacted the customers in an attempt to sell products to them.
Why is this story so disturbing? Because we all have such trusted relationships with our ISPs. They not only hold our personal data, but they know where we Web surf, and when. Because in some cases, they have access to home and banking information.
If the allegations turn out to be true, I hope it will lead to a closer investigation of ISP practices worldwide. This is a category of companies that we can't afford not to trust.
— Tim Wilson, Site Editor, Dark Reading
Read more about:2007
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks