South Korea Hit by 5,707 Online Card Theft Cases
South Korea’s financial authorities are warning consumers about a major cybersecurity incident. The Financial Supervisory Service (FSS) has identified a significant cyberattack affecting thousands of online shoppers, with hackers stealing credit card data and personal information from multiple domestic shopping sites.

By June 29, the FSS and Financial Security Institute had confirmed 5,707 cases of compromised credit card and personal data. The breaches came from both direct hacking and sophisticated phishing attacks targeting South Korean online shopping platforms.

How the Attack Worked

Attackers targeted shopping sites with weak security protections and inserted fake payment screens directly into the checkout process. When users attempted to pay, they encountered what appeared to be a legitimate payment page asking for sensitive information.

The phishing pages requested details that legitimate transactions never need, including:

  • Full resident registration number
  • All four digits of the card password

After victims entered this information, the page displayed a payment error message and redirected to the real payment system. This sleight of hand made it difficult for users to realize they had just handed over their data to criminals.

What Authorities Are Doing

The FSS, card companies, and the Financial Security Institute have launched an immediate response:

  • Blocking fraudulent transactions before they clear
  • Suspending compromised credit cards to prevent further abuse
  • Notifying affected customers directly
  • Reissuing cards to all victims
  • Sharing stolen data with card issuers to prevent unauthorized transactions and account takeovers

What Consumers Should Do Now

Stop any payment that asks for unusual information. If a payment screen requests your full resident registration number or card password, abandon the transaction immediately and contact your bank. These are red flags for phishing.

Request a card reissue and change your PIN. If you suspect you were compromised, call your card issuer right away. Do not wait to see if fraudulent charges appear.

Update passwords. If you use the same password across multiple websites, change all of them. Stolen card data may have exposed usernames and passwords for other accounts.

Report fraud. If unauthorized charges appear on your account, call the integrated reporting center at 112 to request an immediate payment suspension. Gather documentation of the fraudulent transaction and submit a compensation claim to your card issuer. Under South Korean law, card issuers must compensate victims for unauthorized charges unless the consumer was negligent or acting with intent.

The Bigger Picture

This incident highlights a persistent vulnerability in e-commerce security. Attackers continue to exploit gaps in site protections and user vigilance by injecting convincing fake payment pages into legitimate shopping flows. The scale of this breach suggests weak security across multiple platforms, a systemic issue that goes beyond any single company’s neglect.

Consumers in South Korea should assume their data may have been compromised and act defensively until the full scope of affected sites becomes clear.

Follow Hashlytics on Bluesky, LinkedIn , Telegram and X to Get Instant Updates