Cyber IDs of 2/3 Korean population put at risk

In reaction to a privacy breach, the Korean Home Affairs Ministry has stated it will consider phasing out the real-name verification mandate. Last month, hackers breached one of South Korea's most popular Web portals and stole personal information from over 35 million users including their name, address, phone number, and their resident registration number, the Korean equivalent of an American's Social Security number. In part, the personal information was so comprehensive because the Korean Government has an authentication policy that requires larger Korean Internet sites to authenticate users' identities.

The site that was hacked, Cyworld, is a social networking service operated by major local carrier SK Telecom. It's one of the three most popular sites in South Korea. In all, the identities of over two-thirds of the Korean population might have been compromised.

The real-name policy was introduced by the Korean government in 2007. It required all Websites with over 100,000 visitors per day to authenticate their user's identities. The intent was to limit online anonymity and promote cyber responsibility, but an unintended collateral effect was that these Web service providers often maintained the database with the sensitive personal information for several years, making it an obvious target for hackers and identity theft.

By Electronista Staff