So, that enormous data trespass that Korean online powerhouse Nexon revealed last week was bad. Bad enough to be the second-largest such incursion in Korean history. If you think that sounds like there've been some other big security breaches, then you're right.
A Korea Times article by Kim Tong-Hyung gives some context as to how bad corporate hack attacks have been in South Korea and why the risk is greater in the Asian nation:
At the core of the problem is that websites here have been permitted to zealously collect more personal information than they could possibility handle.
But despite this audacious lack of responsibility, authorities are moving to require the companies to squeeze even more data out of their users in attempting to control Web behaviour. Critics, held hostage by policymakers and their circular arguments over the years, appear to be too beaten down emotionally and intellectually to stand up and scream: Are you serious?
How many more massive data leaks will it take to finally convince everyone that the mountain of personal data floating out there really shouldn't be there? It's incredible that the government continues to let private companies collect this information and use it to generate profit when the data should be used for administrative purposes only,'' Jang Yeo-gyeong, a computer security expert at activist group Jinbo Net, said.
Even after the summer's epic PlayStation Network breach, it seems that many companies — and not just video game ones — still need to learn some hard lessons about how to manage user data.
Nexon case shows lax cyber security [Korea Times]