[WASC-WHID] WHID 2011-111: Hacker steals customer data from small brokerage

WASC Web Hacking Incidents Database wasc-whid at lists.webappsec.org
Thu May 19 09:32:50 EDT 2011


WHID 2011-111: Hacker steals customer data from small brokerage

Entry Title: WHID 2011-111: Hacker steals customer data from small brokerage
WHID ID: 2011-111
Date Occurred: May 19, 2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography: Seoul, South Korea
Incident Description: An unidentified hacker has broken into the computer
system of a small South Korean brokerage house to steal the firm's customer
data, the financial regulator said Thursday, adding concerns over financial
firms' computer security maintenance.
The Financial Supervisory Service (FSS) said the hacker infiltrated the
computer server of Leading Investment & Securities Co. and stole 12,000
customers' personal data last week. The stolen data includes their names,
social security numbers, addresses and phone numbers, it said.
Mass Attack: No
Reference: 
http://english.yonhapnews.co.kr/business/2011/05/19/85/0503000000AEN20110519
004500320F.HTML
Attack Source Geography:


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/wasc-whid_lists.webappsec.org/attachments/20110519/b13304b8/attachment-0003.html>


More information about the wasc-whid mailing list