Cyber Incident Victim: Korea Advanced Institute of Science and Technology
Date:
Nov 2015
Location:
South Korea
Summary
A cybersecurity breach at the Korea Advanced Institute of Science and Technology compromised credit card information belonging to students and faculty, with approximately 20 initial victims reporting unauthorized small transactions processed in Japan. The fraudulent charges, detected via text alerts, prompted credit card companies to block further transactions from the affected accounts. Investigations suggested the data theft originated from a compromised card reader at a campus-adjacent store in Daejeon, where the attacker appeared to conduct test payments. The institution anticipated additional cases as awareness increased and urged affected individuals to report incidents to authorities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In November 2015, the Korea Advanced Institute of Science and Technology (KAIST) confirmed a credit card data breach affecting students and faculty. The incident came to light on Wednesday evening when multiple students received text message alerts about small overseas transactions on their credit cards, primarily charges of 1 or 2 yen processed in Japan. Approximately 20 individuals were initially identified as victims, though KAIST officials cautioned this number could increase as awareness spread. The compromised credit card information enabled unauthorized payments, though the financial impact per transaction remained minimal. Credit card companies responded swiftly by blocking further transactions originating from the suspicious card reader implicated in the breach.
Investigations revealed the data theft likely occurred through a compromised credit card reader at an unspecified store near KAIST's Daejeon campus, with evidence suggesting the hacker was testing stolen card details through small-value international transactions. While most victims were students, faculty members also reported unauthorized charges. KAIST formally notified affected individuals and coordinated with financial institutions to halt fraudulent activity. The institute urged additional potential victims to report incidents directly to campus authorities and local police for documentation and investigation. No technical details about the card reader compromise or the attacker's identity were disclosed publicly during the initial response phase.