South Korea’s Personal Information Protection Commission said it has expanded and revamped its “Leaked My Data Check” service (kidc.eprivacy.go.kr) and began operating it from Jan. 29, as credential stuffing attacks that exploit leaked account information on the dark web and elsewhere have surged.
The service allows users to enter the ID and password combination they normally use to check whether the account information is being illegally traded on the dark web and elsewhere. If a leak is confirmed, users can reduce the risk of account hacking by changing their password or setting up two-step verification.
The revamp expands the scope of searches to include email addresses, in addition to existing ID and password checks. The commission said this reflects a growing trend of services using email as login IDs.
Chi-gyu Hwang
delight@d-today.co.kr