At least seventy percent of South Korea's population aged between 15 and 65 might have had their personal information exposed in a recent data breach.
A 24-year-old hacker, known by his last name Kim, along with 15 others, stole the information through targeted attacks on registration pages for online gaming, movie ticketing and ring tone download websites, according to Korea JoongAng Daily. The 27 million South Koreans' data includes names, resident registration numbers, account usernames and passwords.
Through the use of an "extractor," which allowed him to automatically log onto users' accounts after they used a site's registration portal, Kim purchased online game items and currency, and then later sold them for a profit of about $390,000.
He also allegedly sold the data to mortgage fraud groups and illegal gambling advertisers. All 16 suspects were arrested.
UPDATE: A Naked Security report from Sophos says that the number of records compromised is 220 million. Kim is also suspected of selling information to "mortgage fraudsters."