Albuquerque, NM -- (SBWIRE) -- 04/19/2011 -- In yet another data breach incident, Hyundai Capital reported unauthorized access to one of the databases. The breach has resulted in the disclosure of information associated with around 420,000 customers. Information security professionals of the organization are investigating the security breach incident. The consumer finance company is jointly owned by Hyundai Motor Group and GE Capital.

The data breach at Hyundai Capital follows a much publicized data breach at Epsilon, which resulted in leakage of e-mail addresses of customers related to several prominent companies. The data breach was discovered after Hyundai received an e-mail from a hacker last week, who threatened to make the data public, if undisclosed amount of money was not paid to him within a day. Preliminary investigations indicate leakage of names, addresses, mobile number and e-mail addresses of customers. Around 13,000 passwords of customer loan accounts were also accessed by the attackers. The company expects further attempts to intrude into company's servers. The company has apologized to the customers and has assured initiation of remedial measures to safeguard against further security breach incidents.

Financial Supervisory Service (FSS), the authority responsible for supervision of financial institutions in South Korea has also started investigations into the alleged data breach incident.

Hyundai Capital has advised the affected individuals to change their customer loan account passwords. Several users have the practice of using common passwords for multiple accounts for easy remembrance. As such, attackers having access to one user account may also try to access other user accounts of customers. They may also try to extract more information through social engineering techniques.

Advertisements, cyber security tips, online computer degree and video tutorials may help Internet users to adopt safe online computing practices. Hyundai Capital has also alerted the customers against providing any information on phone calls, wherein the callers identify themselves as staff of the company. The company has also reportedly elevated the site security level to maximum. The public announcement of the data breach incident came after counter crime agencies failed to trace the culprits before the stipulated deadline mentioned in the e-mail received by the company.

Information availability, integrity and security are crucial for continued trust of different stakeholders in an organization. Security breach incidents have adverse implications on the reputation and profitability of business. The information extracted could be used by fraudsters to impersonate the legitimate customers and conduct fraudulent transactions. Customers would be skeptical of availing services from companies which suffer regular security breaches. Security breach incidents also have legal repercussions for businesses. Lapses in information security practices may attract penalties from regulatory authorities and also lead to negative publicity of the organization. Professionals qualified in IT masters degree and penetration testing may help organizations in regular assessment of the information infrastructure and mitigation of security flaws.

IT professionals must be encouraged to update their technical skills and know-how through online technology degree and e-learning programs. Proactive action is crucial to deal with the sophisticated threats from cybercriminals and ensure protection of an organization's information infrastructure.

Contact Press

EC-Council
Website: http://www.eccuni.us
Email: iclass@eccouncil.org
Tel: 505-341-3228

About EC-Council University
EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.