| Lee Chan-jin , governor of the Financial Supervisory Service, speaks during a meeting with credit card and non-bank lenders, held at the headquarters building of the Credit Finance Association in Seoul, Tuesday. (FSS) |
Korea’s top financial regulator warned credit card and non-bank lenders on Tuesday that even a single cybersecurity failure would be unacceptable, telling CEOs to personally inspect their defenses as the industry reels from a string of data breaches.
Financial Supervisory Service Governor Lee Chan-jin told 14 consumer finance company chiefs that the sector must adopt a “zero-tolerance” principle on data protection, given that card issuers handle the personal information of nearly all Koreans.
“Credit cards are a universal payment tool, and consumers choose financial firms on the basic assumption that their data will be safe,” Lee said. “Just as no one would deposit money in a shaky bank, no one will use a financial company with weak information security.”
The remarks follow a series of hacking incidents that have shaken Korea’s financial sector. Most recently, Lotte Card disclosed a breach affecting its 9.65 million members in September, the third major case since July, after SGI Seoul Guarantee and Welcome Savings Bank Group.
The attacks have kindled concerns that cybersecurity remains a weak link in Korea’s finance industry, which has long been a prime target for hackers due to its troves of personal data.
The latest breach has revived memories of a 2014 scandal in which tens of millions of NH NongHyup, KB Kookmin and Lotte card records were leaked, prompting regulatory overhauls.
Lee said firms must use the Lotte case as a “painful lesson for self-reflection” after years of chasing short-term profits at the expense of long-term IT investment.
“Spending on cybersecurity is not an expense but a survival cost and a core investment,” he said. “Executives must reexamine their infrastructure from the ground up, guided by a zero-tolerance principle that allows no accidents.”
He warned that the FSS will “meticulously monitor compliance and hold companies strictly accountable” for breaches, pledging “severe responsibility” for violations.
Lee also pressed firms to make it easier for customers to block or reissue cards during emergencies, citing complaints over limited access during nights and weekends.
'">
'">
'">
'">
'">
'">
'">
'">
'">
'">
'">
'">
'">
'">
'">
'">
'">
'">
'">
'">
.png?type=nf190_130)
