The Shinhan Card data breach involved the unauthorized disclosure of personal details of around 192,000 merchants, primarily phone numbers and some names. The incident was caused by employee misconduct, not an external cyberattack, highlighting insider risks in financial institutions. #ShinhanCard #InsiderThreats
Keypoints
- The breach exposed mobile numbers and limited personal details of merchants contracted between March 2022 and May 2025.
- Shinhan Card confirmed that no sensitive financial information such as bank accounts or credit card numbers was compromised.
- The incident was caused by internal misconduct, with an employee transmitting data to a card recruiter.
- The company reported the breach to the Personal Information Protection Commission and cooperated with authorities.
- Shinhan Card is strengthening internal controls and urging merchants to remain vigilant against phishing attempts.
Read More: https://thecyberexpress.com/shinhan-card-data-breach/