The personal data of 20 million South Koreans -- or 40% of the country's population -- has been stolen, sparking outrage as worried consumers scramble to replace compromised credit cards.
Customer details appear to have been swiped by a worker at the Korea Credit Bureau, a company that offers risk management and fraud detection services.
The worker, who had access to various databases at the firm, is alleged to have secretly copied data onto an external drive over the course of a year and a half.
Clients of three Korean companies -- KB Kookmin Bank, Lotte Card and Nonghyup Bank -- were hardest hit by the data theft. Crucial personal data like identification numbers, addresses and credit card numbers were all stolen.
The Korean government has launched an investigation into the matter. The country's financial regulators said in a statement that the "relevant credit card companies will compensate for any financial loss caused by the latest incident."
Since the data theft, about half a million customers have applied to have new credit cards issued, the companies told CNN.
Related story: How hack attacks can cost you money
The data theft follows a massive security breach at Target (TGT) that impacted up to 100 million customers in the United States. Luxury retailer Neiman Marcus has said that it, too, was breached.
Target's massive breach was due to malware on point of sale systems, while the Korean banks were compromised by a third-party worker, facts that underscore the wide variety of threats facing consumers.
Executives at the three Korean firms have issued a public apology, and top-level managers at each firm have offered their resignations.
Nonghyup Bank told CNN it had accepted the resignation of Nonghyup Card CEO Sohn Kyoung-ik. The other two firms said they have not yet decided whether to retain their leaders.