By Sophia Yan and K.J. Kwon@CNNTechJanuary 21, 2014: 2:49 AM ET
HONG KONG (CNNMoney)
The personal data of 20 million South Koreans -- or 40% of the country's population -- has been stolen, sparking outrage as worried consumers scramble to replace compromised credit cards.
Customer details appear to have been swiped by a worker at the Korea Credit Bureau, a company that offers risk management and fraud detection services.
The worker, who had access to various databases at the firm, is alleged to have secretly copied data onto an external drive over the course of a year and a half.
Clients of three Korean companies -- KB Kookmin Bank, Lotte Card and Nonghyup Bank -- were hardest hit by the data theft. Crucial personal data like identification numbers, addresses and credit card numbers were all stolen.
The Korean government has launched an investigation into the matter. The country's financial regulators said in a statement that the "relevant credit card companies will compensate for any financial loss caused by the latest incident."
Since the data theft, about half a million customers have applied to have new credit cards issued, the companies told CNN.
Target's massive breach was due to malware on point of sale systems, while the Korean banks were compromised by a third-party worker, facts that underscore the wide variety of threats facing consumers.
Behind your stolen credit card
Executives at the three Korean firms have issued a public apology, and top-level managers at each firm have offered their resignations.
Nonghyup Bank told CNN it had accepted the resignation of Nonghyup Card CEO Sohn Kyoung-ik. The other two firms said they have not yet decided whether to retain their leaders.