massive

SEOUL, Dec. 26 (UPI) — Shinhan Card, one of the country’s top credit card issuers, reported a massive data leak Tuesday.

The Seoul-based company said more than 190,000 cases of potential data exposure have been identified that involve merchant partners’ personal and business information.

The incident seems to stem from employee actions rather than an external cyberattack. Against this backdrop, Shinhan Card CEO Park Chang-hun issued a formal apology.

“We would like to express our deepest apologies,” he said. “Upon discovering the incident, we immediately took measures to block any further leaks and completed a thorough review of our internal processes.”

“To ensure the protection of personal information in the future, we will conduct a full investigation into the cause and circumstances of the leak and strictly discipline the employees involved,” he said.

Despite the steps, criticism intensified as a series of security failures have taken place throughout this year.

In late November, the country’s leading online retailer, Coupang, acknowledged that the names, email addresses, phone numbers and delivery addresses of 33.7 million customers had been leaked.

The New York Stock Exchange-listed corporation could face fines amounting to a maximum of 3% of its related revenue, which is levied by the state-run Personal Information Protection Commission.

Since Coupang logged sales of some $28 billion in 2024, potential fines could surpass $800 million.

Earlier this year, SK Telecom admitted that a cyberattack had breached its network, exposing sensitive data and compromising critical information of about 23 million subscribers.

As a result, the top mobile operator was fined $92 million and ordered to suspend adding new customers for nearly two months, in accordance with government guidelines.

Criticizing companies that failed to protect customer information, Prime Minister Kim Min-seok vowed to more than triple the fines for similar violations.

“Urgent legislative tasks, such as the introduction of punitive administrative fines, will be swiftly advanced so that they can be passed as soon as possible,” Kim said at a government meeting Wednesday.

“For repeated and serious violations, we will introduce punitive fines of up to 10% of a company’s total revenue and strengthen the obligation to notify individuals of personal data breaches,” he said.

When corporate data leaks are reported, the South Korean government is quick to lash out at companies. However, critics argue that the government and state-operated organizations have failed to adequately protect their own data.

In 2021, the Atomic Energy Research Institute, the state-run outfit responsible for nuclear power research, was breached by a suspected North Korean state-backed group through a virtual private network server.

Last year, police found that North Korean hackers had stolen data from the National Court Administration during June 2021 and January 2023. The compromised data exceeded 1 terabyte, equivalent to more than 1.5 billion pages of documents, including personal information.

Despite these threats, the government is reluctant to spend more money to mitigate cybersecurity risks.

For example, the Seoul administration cut the 2026 budget for the operation and maintenance of integrated security control centers run by local governments by almost 30% compared with this year.

It also reduced the 2026 budget for reinforcing security and protection facilities at government complexes by more than 40%.

This contrasts with the 8.1% year-on-year increase in the national budget for 2026.

“When hacking incidents occur, harsh penalties are imposed on private enterprises. For government agencies, however, it seemingly ends up with only a slap on the wrist. Such asymmetric punishments are not difficult to understand,” economic commentator Kim Kyeong-joon, formerly vice chairman at Deloitte Consulting Korea, told UPI.

“Moreover, the government is required to strengthen the country’s cybersecurity infrastructure. And leaks of public data or documents are even more dangerous when they are related to national defense. I wonder whether our government is doing enough in these areas,” he said.

Park Tae-hwan, head of the AhnLab CyberSecurity Center, called for stronger efforts to counter online threats and data breaches. AhnLab is the country’s leading cybersecurity vendor.

“Following a series of cyber intrusion incidents of late, regulations centered on bigger fines and punitive measures have come to the forefront, raising the burden on companies,” Park told UPI.

“To enable a meaningful shift in perception, a parallel policy approach is needed, like one that provides incentives to companies with strong security practices, thus encouraging greater voluntary investment in cybersecurity by the private sector,” he said.

Dec. 18 (UPI) — The United States has approved a massive $11.1 billion arms deal with Taiwan, the self-government Asian island announced Thursday.

The U.S. Congress was informed of the sale on Wednesday, the president’s office said in a statement.

The package includes eight items, such as HIMARS rocket systems, TOW missiles, Javelin anti-tank missiles, anti-armor loitering munition systems, spare attack helicopter parts and the Taiwan Tactical Network military communication platform and Tactical Awareness Kit, among other lethal equipment.

Taiwan’s foreign ministry said in a statement that it “welcomed” the announcement and expressed its “sincere appreciation for the United States’ long-standing support for regional security and Taiwan’s self-defense.

The arms sale is the second to Taiwan of President Donald Trump’s second administration and comes as China increases its military pressure on the self-governing island.

Hours prior to the deal being announced, Taiwan’s Ministry of National Defense said 40 sorties of Chinese fighter jets and eight navy vessels were detected operating around the island. Of the fighter jets, 26 had crossed the median line and entered Taiwan’s northern, central, southwestern and eastern Air Defense Identification Zone.

A day earlier, 23 sorties of fighter jets were detected and nine fighter jets and seven navy vessels were spotted a day before that.

China views Taiwan as a breakaway province and has vowed to take it back by force if necessary. Taiwan is a self-governing island that Beijing has never ruled.

The office of Taiwanese President Lai Ching-te said the arms deal highlights the close partnership between the two countries and demonstrates “the importance the U.S. government attaches to Taiwan’s national defense needs.”

Presidential Office spokesperson Karen Kuo added that due to increasing security concerns, Taiwan will raise defense spending to more than 3% of GDP next year and aims for it to be 5% by 2030.

“Taiwan will continue to reform national defense, strengthen whole-of-society defense resilience, demonstrate our determination for self-defense and maintain peace through strength,” Kuo said.

The U.S.-Taiwan Business Council said it was a record single U.S. security package for Taiwan and was in response to the threat posed by China and a potential Beijing ground invasion.

“We continue to see the prioritization of platforms and munitions that address a D-Day-style attack on the island,” USTBC President Rupert Hammond-Chamber said in a statement.