Police said that the hackers created a computer program to penetrate KT’s firewalls and harvested personal information on mobile phone users from February to July of this year, according to a report by the Korea Herald newspaper.
The information included name, mobile phone number, membership number, personal identification number, and mobile phone serial number.
The hackers, who operated a telemarketing firm, used the information to carry out mobile marketing activities and also sold the hacking program and subscriber information to other telemarketers. The hackers reportedly made more than 1 billion won (~$870,000) in profits.
“(The operator) disguised himself as a local KT branch manager when accessing the database and took the information gradually rather than conduct a simultaneous and large-scale hacking. Had he conducted some mass leak, he would have been caught a long time ago”, an NPA officer said.
Government investigators have also launched an investigation into KT for negligent management of firewalls and failure to protect personal data of subscribers, according to the newspaper.
“After detecting the abnormality, the company on July 13 referred the case to the police. We have blocked all possible data leaks since then. We are sorry to have burdened our customers with concerns”, KT said in a press release.