Preventing Security Incidents… Korea Loan Finance Association Urges Member Firms to Strengthen Cybersecurity

The Korea Loan Finance Association has urged all member firms to strengthen security measures following a recent hacking incident at a major member company. A subsidiary of a loan company was recently hacked, exposing personal information such as customer names and resident registration numbers.

According to the association on the 27th, the hacking incident was traced to malware infection that occurred when an employee accessed an internet site from a work PC that was not separated from the internal network.

To prevent further damage, the association asked member firms to immediately implement security measures.

It also called for tighter restrictions on internet and messenger access from work PCs, urging firms to strictly control access to messenger apps such as KakaoTalk and external websites at a level comparable to network separation.

In addition, to strengthen access control for internal systems, it recommended minimizing access rights to internal business systems and databases and reviewing the criteria for granting permissions.

The association also advised firms to inspect the operation of intrusion prevention and detection systems and to run firewalls and other intrusion prevention and detection tools thoroughly.

It further urged firms to comply with the technical, physical and administrative security measures required under the Credit Information Use and Protection Act in order to encrypt personal credit information. It also requested stronger encryption measures for customers’ personal credit data.

An association official emphasized, “As additional hacking incidents could occur at any time, we hope member firms will do their utmost to prevent security incidents.”

This article has been translated by GripLabs Mingo AI.