Billions Stolen from Nonghyup Accounts; Bank Not Responsible

Article from SBS CNBC:

Fifty People with Nonghyup Banking Accounts Insist the Money in Their Account Disappeared


Suspicions have been raised that savings from thousands to hundreds of millions won were stolen from people’s Nonnhyup bank accounts without their knowledge.

It has been assumed that hackers used pharming, but Nonghyup has consistently responded indifferently.

Reporter Lee has more.


These are the March transaction details for Mr.Kim, a victim of the hacking.

123 million won was withdrawn on March 15th.

There were nineteen withdrawal attempts, and more than eighteen times, a sum between 1.5 million won to 2.8 million won was withdrawn.

The transaction was completed in less than 30 min, from 4:32 p.m. to 5:01 p.m.

[Mr.Kim (60’s) : I dropped by the gas station but found out I had a balance of zero on my card. I want to kill myself just thinking of that day.]

The transactions were similar for Mr. Cha, another victim.

The transactions only happened on July 14th, which was 4 months after Mr. Kim’s savings were stolen.

Thirty-six transactions were done, and including withdrawals of 1.99 million won ($1,990) and 2.02 million ($2,020) won, a total of 80 million won was stolen.

[Mr. Cha(40’s): Though it has been 6 months since July when the money was stolen, my life is a mess. I can hardly sleep, and I’m receiving psychotherapy at the moment. I can’t answer the phone and I’m even terrified to read text messages. What have related financial agencies done about the money being stolen?

Nonghyup sees the incident as a case of pharming.

Therefore, it is the customer’s fault, not the bank’s fault, and the bank is not responsible for this case.

[Nonghyup staff: We requested compensation, however, the insurance company denied our request. It’s because this is a typical pharming case and customers entered their personal information themselves..

At the moment, there are about fifty confirmed victims including two previous cases.

The withdrawal amount known so far is in the billions, but no one knows what the actual total will come out to be.

Comments from Daum:


Damn, not just 1 person but 50 people. Can we really call Nonghyup a bank? Nonghyup should apologize and prepare countermeasures to prevent further disasters.


I need to switch my main bank tomorrow…


Zero responsibility for Nonghyup? I wonder how Nonghyup will get people to make deposits from now on.


Nonghyup is crazy but the government ignoring this case is crazier.


Nonghyup is the one to be blamed. This is so evident because money was taken from an account where the owner didn’t do anything.


Nonghyup, OUT.


Banks are asking customers to give all their personal information, but they don’t blink when this kind of accident happens. Aren’t they still your customers? Ugly ones..


Just like last time, Nonghyup turned a blind eye. I need to change my bank because I can’t trust it anymore. If an incident happens, Nonghyup will blame the customers.


I have an inactive Nonghyup account. I need to visit Nonghyup to cancel it tomorrow.


Nonghyup doesn’t have basic bank standards.


You leaked customer information, but you’re not responsible for the accident? Did the customer leak their own personal information?


In 2011, when its computer network was shut down, their response was disappointing. So I changed from Nonghyup to another bank near my place. I think I did a good job.


Anyone who has an account at Nonghyup should withdraw all their money. Victims continue to appear.


If someone who borrowed money from Nonghyup got it stolen, he doesn’t need to pay it back? huh?


Nonghyup has become a place only for Chinese swindlers. I feel suffocated.


If the situation has come this far, the person who uses Nonghyup should be blamed.


I used Nonghyup for fear of thieves breaking into my house. But now where am I supposed to deposit my money? Should I bury it in the garlic field? If the bank refuses to take responsibility, who is responsible for the accident?

Share This Article
Help us maintain a vibrant and dynamic discussion section that is accessible and enjoyable to the majority of our readers. Please review our Comment Policy »
  • commander

    Those who have their deposits stolen by frauds suspect a personal information leak by hackers as without that speculation they can’t explain how their money got out of their bank accounts.

    But the problem with their suspicion is that they can’r prove their claim that a breach of the computing network at the major bank brought about a leak leading to unlawful withdrawal of their money from their bank accounts without their knowledge.

    The bank, of course, is skeptical of such a claim, saying that personal information is exposed by customers while their security has never been broken.

    The article doesn’t elaborate on how bad guys withdrew money from ATM.

    Isn’t it impossible to take out money from ATM without a credit or debit card and its password?

    How did con artists sneaked money from bank accounts of victims?

    • Chucky3176

      Could have been hacked any number of ways. Hackers could have directly hacked into the bank’s site. Or hackers sent viruses to unsuspecting bank customers to retrieve their passwords. Or hackers got the accounts by attacking computers of bank users, exploiting the Korea’s notorious Microsoft Internet Explorer or Active-X programs.

      The government and the police really should step in and investigate where the fault lies. And if this is a breach of security problem, then the bank should still be held accountable and slapped with a huge fine PLUS return of lost funds AND compensation.

      • commander

        I am not siding with the bank.

        As we all know, in a sharp contrast to the national reputation as the most wired country in the world, private information is found to be vulnerable to hacking attacks, which is attested to by multiple infiltrations by hackers into banks causing massive leaks of customers’ private information.

        Security reinforcement is an imperative for South Korea.

        What I want to say is that in a grim reality, the bank will not make up for lost deposits for victims just because they claimed their money vanished into thin air.

        In an anticipated response to the bank security breach claim, the bank will say that if there is a hacking attack, as victims allege, why don’t our other customers have similar troubles?

        • Eric0912

          But how on earth are customers supposed to prove their innocence, or even someone else’s guilt …? In order for the masses to trust banks with their money, I think the banks have to be quiet and pay up when these rare things happen.

          • commander

            The first thing the victims have to do is to figure out how the money was withdrawn from their bank accounts by requesting the transaction records about it.

            Then, the victims, if they confident there is no mistakes like accidental exposure of their private information, have to file a complaint with the police over the stolen money.

            The police, possibly in collaboration with government financial watchdogs, should investigate whether there is any security lapse by the bank, and delve into what happened and who was responsible for the disappeared money.

          • Eric0912

            Proving one’s innoncence … how does that sound? It’s a terrible hassle, and if banks actually asked their customers to jump through those hoops – they’d lose them, The banks earn a lot of money on people using electronic money instead of cash, and I don’t think they’d want to risk people seriously losing confidence in those systems.

          • Chucky3176

            If they got your money because of your poor security on your computer or smartphone, it’s not the bank’s responsibility.

          • Eric0912

            That’s one way to argue, sure. But I don’t think it’s a matter of responsibility. Again, if they want everyone between 5 to 85 to use their electronic services, it’s simply not a reasonable demand.

    • RegisterToPost

      Korean banks are notorious for failing to implement the most basic of information security practices. The major credit card breach at the beginning of this year was caused by a contractor uploading a Trojan with, of all things, a USB stick.

      I have read stories of foreign IT consultants coming in, attempting to set some standard of IS here, and ending up giving everyone admin because the poorly written software here demands it and won’t function without it.

      What is particularly obnoxious is that these banks then turn around and demand a PKI certificate password, a “safety card” number, and re-entering the PKI password again for a simple money transfer. Why can’t they make the employees do the same thing for simple transactions?

  • Small twon

    There are news said victim’s phone was hacked by cracker and IP address shows it’s from China.

    • Black_Plague

      Always trust a Chinese hacker to ruin your day via the Internet big-time :3

  • Goose

    Logging in to my Korean account with internet banking is insane. YOu have to download like 5 seperate “safety” programs. Yet this shit still happens.

    Off topic, but a symptom perhaps, Korean Internet is a closed loop and seems that the IT industry here is like 10 years behind other countries. Even in terms of basic web design. Everything is messy and cluttered. Like it’s 2002 or something .

    They really need to let go of the IE/activex crutch.

    • Chucky3176

      Agreed on IE/active X crutch and security issues in Korean websites, but foreigners complaining about Korean web designs being cluttered, is just matter of taste. Koreans love bling bling in your face graphics everywhere pages. They hate boring one static pages that loads in 2 seconds, that Westerners think is the best design. When Koreans completely outstrips the West in number of online transactions, it’s hard to argue that Western style simple clean minimalistic designs will work with Korean online customers who expect attention grabbing graphics to come at their faces.

      • Goose

        Yes, you are right. It is a matter of taste.
        I guess though, from an objective standpoint, the pages are so busy flashing text, autorun videos, tiny text, boxes etc, it just makes it difficult to focus on what you are actually looking for.

        I think the number of online transactions has no relation to web design. There are lots of reasons why Koreans have taken to online shopping so strongly. The main one being convinience, with long work days and commitments, tierdness……

        But yes, you have a point about design tastes.

        • Chucky3176

          The streets and buildings with so many busy commercial signs advertising piled up on each other, LED lights flashing, people distributing flyers then spilling them all over the streets, store front owners and clerks clapping their hands shouting about their products on sale (sometimes even practically pulling your hands to force you into their stores), or the vegetable/fruit trucks that blaring through loudspeakers as they make their ways through the neighbourhoods.. and on and on.. It’s all noise marketing which also extends into the media and onto the online world as well. For someone new to Korea, this may all look like one big loud mess, and some people will get used to it in time, while others will still hate it. But this is one characteristics of Korea, what can you do?

  • Smith_90125

    bank run (n.) The concerted action of depositors who try to withdraw their money from a bank because they think it will fail

    When people think a bank will fail, they start withdrawing money. The withdrawal of money in substantial amounts then causes the bank to fail.

    If you’ve got money in there, you’d better hit the ATMs and get out as much as you can while you can. If you think it’s bad that people’s money was stolen by theft and the bank permitted/participated/perpetrated it, just wait until the bank collapses and you get nothing. Not even the government in Seoul will do anything.

  • waygookinhanguk

    Nonghyup is by a long way the worst major bank in Korea. They are involved in security breaches more often than the others and no two branches are the same, often redirecting you to another one the other side of town for what would be a basic and routine function in the Western banking system. All of them will open an account for you though, funny that.

  • agentS

    So glad I dropped nonghyup last year. Unfortunately, some schools require Nonghyup as the bank to which they send payment. I don’t know how many schools require ONLY nonghyup, but at the places I worked at, I had Nonghyup at the time, so I wasn’t aware of the restriction. When I got a new job long after closing the Nonghyup account, I was told I had to have Nonghyup, but I was also given an option of a regional bank. I took the regional bank option. I never see that bank on the news so it must be halfway decent.

  • I have more questions than answers. I know for a fact that Canadian banking is smooth and reliable. You can set how much money you are allowed to use to pay for items. For example, you can tell the bank that your credit card is not allowed to pay anything higher than $500 per purchase and what not.

    I’d like to understand what is the difference between Japanese banks and Korean banks. Are Japanese banks better than Korean banks, or is it worst?

  • Balkan

    No news about the Korean Air executive and the “macadamia nuts” scandal?

Personals @ chinaSMACK - Meet people, make friends, find lovers? Don't be so serious!»