Breaches have consequences: Watchdog penalizes Hyundai Capital after data leak

A follow-up to the Hyundai Capital breach first disclosed in April. At the time, Hyundai reported that approximately 420,000 of its 1.8 million customers had their names, resident registration numbers, mobile phone numbers and email addresses compromised by hackers. Now Yonhap News reports:

South Korea’s financial watchdog on Thursday decided to issue an institutional warning to Hyundai Capital Services Inc. and reprimand its chief, holding them responsible for a major hacking attack at the biggest local consumer finance firm earlier this year.

The personal information of some 1.8 million Hyundai Capital customers was compromised in an April hacking attack, in which the hacker implanted a malicious code in the company’s website to break into its data storage system.

Holding a disciplinary meeting, the Financial Supervisory Service handed down the penalty to the consumer finance firm while issuing a cautionary warning to Hyundai Capital President Chung Tae-young, a penalty which is lighter than the market generally expected.

The decision bans the company from buying a stake in other companies for three years and makes it hard for the firm to enter into uncharted business sectors for six months. The punishment for Chung does not have any tangible effects, but could tarnish his image at the helm.

Market analysts said the security breach at Hyundai Capital is feared to hinder the firm’s plan to make inroads into the European and other overseas markets for consumer finance jointly with its affiliate carmaker Hyundai Motor Co.

Wow. It’s one thing when our FTC imposes conditions such as audits for 20 years, but to prohibit a company from buying a stake in other companies strikes me as pretty severe. Can any reader recall any comparable situation in the U.S.?

About the author: Dissent