Seoul: A series of hacking incidents targeting private companies has unsettled the public. The recent breach at KT, where attackers used portable base stations mounted on vehicles to hack customer phones, resembled a scene from a film. At least 362 customers suffered losses totaling about 240 million won. The damage spread beyond the initially reported areas in southern Seoul and parts of Gyeonggi to include districts such as Seocho and Dongjak in Seoul and Ilsan in Goyang. KT was also criticized for failing to promptly report that its servers had been compromised.
According to Yonhap News Agency, Lotte Card disclosed that the personal information of 2.97 million members-roughly one third of its customers-had been leaked. The size of the breach, 200 gigabytes, was more than 100 times greater than the amount first reported to regulators. Earlier, SGI Seoul Guarantee and other financial firms also suffered major hacking incidents.
In response, the government announced on Friday that it would tighten penalties for companies that delay or fail to report breaches and that it would launch investigations when hacking evidence surfaces, even without company notification. Still, tougher rules cannot be the only response. In an era of artificial intelligence, cyberattacks are becoming more sophisticated. It is time to review whether Korea's national security system functions as an integrated command center for both public and private sectors.
At present, the Korea Internet and Security Agency under the Ministry of Science and ICT oversees personal data breaches in the private sector, while the Financial Security Institute under the Financial Services Commission handles financial-related hacks, and the National Intelligence Service manages threats to public institutions and national security. Whether such a divided system can counter increasingly advanced cyberattacks remains in doubt.
Security investment should be a core responsibility of private firms. Yet the government must create the incentives that support it. The recent victims highlight different ownership models: Lotte Card is controlled by private equity, KT is a privatized former state firm, and SGI Seoul Guarantee is majority owned by the Korea Deposit Insurance Corporation. Regulators must examine whether corporate governance geared toward short-term profit undermined long-term investment in security.
In fact, after Lotte Card was acquired by MBK Partners, security spending reportedly dropped and the number of IT executives fell to among the lowest of major card companies. Each time a breach occurs, the government has defaulted to unilateral regulation to address public anger. That cycle should end.
Instead, Korea needs to establish a national security command center that coordinates across sectors and ensures companies have clear, rational incentives to invest steadily in cyber defense. The government must lead in building that framework.