South Korean data breaches leave every citizen's ID at risk

There are big data breaches, and then there are massive, nation-changing data breaches. South Korean officials have warned that hacks targeting the country's national ID number system were so damaging that the government may not only have to revamp how it issues ID numbers, but hand out new ones to every citizen. That could cost the equivalent of $650 million by itself, and businesses might have to spend billions of dollars upgrading their systems to match -- you need that ID for many basic tasks in South Korea, so it's not just a question of a simple software fix.

A large part of the problem stems from the nature of the identity system, which was created in the 1960s as a reaction to a North Korean assassination attempt. Rather than issue arbitrary or random digits, South Korea creates numbers based on your birth date, sex and other key details. As such, they're both easily linked to a given person and impossible to change; if thieves get yours, you may never be safe. This isn't helped by the country's long-time reliance on Microsoft's ActiveX web code for online shopping. The signature you need to shop is little more than a password, and ActiveX is vulnerable enough that Microsoft itself has been backing away from the technology for years. It won't at all be surprising if South Korea passes legislation that introduces a far more secure approach to ID, but that won't be much consolation to locals who may spend ages worrying about fraud and theft.

[Image credit: Jung Yeon-Je/AFP/Getty Images]