Hanaro Telecom Leaked Subscriber Data, Police Say

Police said yesterday that Hanaro Telecom gave out the personal information of millions of its customers to telemarketing companies without permission.

The Seoul Metropolitan Police Agency booked without detention 20 former and current Hanaro executives, including the former CEO, on charges of providing 83.5 million pieces of personal data on six million customers to some 1,000 telemarketers.

This is Hanaro’s second offense for leaking customer information. In August last year, 13 of the company’s employees were indicted on charges of illegally using and leaking the personal information of 1.7 million customers to telemarketers.

Between January 2006 and late last year, the company is alleged to have transferred customer names, social security numbers, addresses and phone numbers to telemarketers. In turn, the telemarketing firms are known to have used the data to hawk Hanaro products, such as an anti-virus program, IPTV and fixed-line phones.

Police said Hanaro and the telemarketing firms shared the profits earned from using the information.

In September 2006, Hanaro also teamed up with Korea First Bank and offered the personal information of 960,000 subscribers to telemarketers to market the bank’s credit card from October 2006 to May last year.

The customer data that Hanaro leaked included those of customers who had canceled their subscriptions.

Korean law says phone service providers must immediately delete the personal information of customers who cancel their subscriptions.

A police officer said, “Since telemarketers that received subscribers’ information from Hanaro outsourced their marketing campaigns to smaller telemarketing firms, it is hard to know exactly how widely the leaked data has been distributed.”

“During the investigation, we notified Hanaro of the incident. But the company kept transferring customer information and instead blamed overly motivated branches. But we later found out that the company headquarters ordered the leaks.”

Hanaro responded by saying, “We will prove that our headquarters did not order leaks of customer information during the investigation. After the court renders its ruling, we will pay damages if necessary.”

Police also suspect that another big name communications company offered customer information to credit card issuers and insurers.

The domestic Web portal Naver said a lawyer has set up an online community (cafe.naver.com/hanarososong) to help the victims of the information leak sue Hanaro. About 400,000 users joined the community just four hours after it opened, and the figure is expected to rise.

sukim@donga.com nex@donga.com