SEOUL, South Korea — South Korean police said Thursday that the North’s main intelligence agency had stolen the personal data of more than 10 million customers of an online shopping mall in the South, in what they said was an attempt to obtain foreign currency.
The online mall, Interpark, was subjected in May to an online attack on a server that contained customers’ names, email addresses, telephone numbers and other personal data, the National Police Agency said.
Interpark did not learn about the breach until July 11, when it received an anonymous message threatening to publicize the leak of personal data unless it paid the equivalent of $2.6 billion in South Korea’s currency, the won. After the attack was reported, thousands of Interpark customers threatened to sue for damages. Most of the customers whose data was stolen were South Koreans.
On Thursday, the National Police Agency attributed the attack to the General Bureau of Reconnaissance, North Korea’s main spy agency. It said the intrusion had used some of the same code and IP addresses as in previous digital breaches attributed to the North.
The message sent to Interpark also used vocabulary specific to the North Korean dialect, the police agency said.
The United States blacklisted the General Bureau of Reconnaissance after North Korean hackers were accused of breaking into the computer network of Sony Pictures in 2014.
It was unclear Thursday whether, or how, the hackers had exploited the stolen data, other than in their effort at blackmail. But it showed that the North, whose access to hard currency has been hampered by sanctions over its nuclear arms program, was “using computer hacking technology to try to steal our people’s property in a criminal act of earning foreign currency,” the police said in a statement.
South Korea has blamed the North for a number of online attacks on banks, government websites and media companies since 2008. In March, its intelligence agency told lawmakers that North Korea had broken into the mobile phones of 40 national security officials. The North denied that accusation.
In May, researchers working for the digital security firm Symantec said that they had found a potential link between North Korea and a recent spate of digital breaches of Asian banks, including one against the central bank of Bangladesh in February that resulted in the theft of more than $81 million. They said the intrusions appeared to be the first known case of a nation using digital attacks for financial gain.