LeadCorp, the leading lending company in South Korea, has faced a severe security breach involving its wholly-owned subsidiary, NR Capital. Cyber attackers reportedly targeted the company, resulting in the potential leak of sensitive customer credit information. The Financial Supervisory Service (FSS) has initiated an on-site investigation following the incident, which was uncovered after the Financial Security Institute identified signs of data leaks on the dark web. The incident is categorized as a 'ransomware-type' attack, as hackers attempted to extort the company by revealing some customer data and demanding payments.

The investigation revealed that hackers initially released information for four customers as a sample to pressure the company, subsequently escalating their tactics by disclosing details of 39 more individuals after the company refused to negotiate. The leaked information comprises sensitive data, including personal identification numbers, contact details, employment information, annual income, and critical financial transaction details such as credit scores, loan amounts, and bank account numbers. This information raises concerns over potential financial fraud and further victimization as the exposure includes highly sensitive personal financial data.

The hacking incident is believed to have originated from an employee's inadvertent installation of unauthorized software, leading to malware contamination within company systems. In response, NR Capital has acknowledged the illegal intrusion and is actively working with external security experts to investigate the breach. They have clarified that they are reinforcing security measures, blocking the intrusion pathways, and guiding customers to be cautious of phishing attempts through calls, texts, or suspicious links. The FSS is set to conclude its on-site inspection this week and will consider extending the investigation if necessary.