Lotte Card reports cyberattack after malware found on internal servers last month

Lotte Card headquarters in Jung District, central Seoul [YONHAP]

 
Lotte Card reported a cyberattack after detecting signs of a breach in its internal servers late last month. The company filed the case with the Financial Supervisory Service (FSS) on Monday.
 
The attack involved attempts to implant malware in company servers and steal internal data. Lotte Card said that during a server inspection on Aug. 26, it discovered malicious code on one server and subsequently conducted a comprehensive review of its systems.
 
 
The company found two types of malware and five types of web shells on three servers, which were subsequently removed. A web shell is a type of malicious code that enables hackers to control a web server remotely.
 
Traces of an attempted data exfiltration were also detected on the company’s online payment server on Sunday. However, Lotte Card said no key customer information has been confirmed as leaked, nor has any serious malware such as ransomware been detected.
 
The FSS moved quickly to verify the report. On Tuesday, the regulator will begin an on-site investigation at Lotte Card.
 
“We had received the hacking report and were aware that no signs of customer data leaks had been found so far,” said an FSS official, speaking on condition of anonymity. “IT experts will conduct a detailed review to rule out the possibility of personal information leaks or further infections.”
 
As of 2024, Lotte Card had 9.57 million customers, with a market share of 10.1 percent in terms of credit sales.

This article was originally written in Korean and translated by a bilingual reporter with the help of generative AI tools. It was then edited by a native English-speaking editor. All AI-assisted translations are reviewed and refined by our newsroom.
BY YEOM JI-HYEON [[email protected]]