According to a Korea Herald report, over 2,000 South Korean addresses and resident identity numbers were found to have been used in new accounts for the popular PC MMORPGs Lineage
and Lineage II
without the person's knowledge, in an unusual case of identity theft.
No financial or credit card information was stolen, according to the reports, and the hackers appear to have done nothing with the data other than use it to create illicit second or third accounts in the game.
According to NCsoft, around 500 users in the game are playing using the stolen data, which together with stolen mobile phone data was enough to register new accounts. Those whose hacked personal information was used to create the illegal accounts had never played the games before, and were unaware that their information had been used until the reports began to surface.
The source of the leaked data appears to have been an online shopping site, which like many Korean sites requires personal data to complete the transactions. News of the identity data leak has brought criticism of the standard policy of obtaining personal information when shopping, despite a general consensus among the online vendors themselves that the data is unnecessary.
"We can’t force them, but we have advised the companies not to request the names and resident registration numbers. In most cases, they really don’t need such data," said Korea Information Security Agency manager Chung Yeon-soo to the Korea Times. "And if the firms really need to identify the users, they should have other methods. It is not safe to use the resident registration numbers for identification as they can be obtained on the Internet so easily."