Viva Republica, which runs money transfer platform Toss, said on Monday it has found unauthorized payments made on its system, and is working to find the exact causes of the incident.
According to the fintech firm, a total of eight unauthorized purchases, worth 9.4 million won ($7,853) were made on June 3 at three online websites via Toss without permission of the account owners.
Personal data, such as names, phone numbers, birth dates, and PIN numbers, have been utilized in the alleged hacking theft. The fintech firm claimed, however, it is “highly unlikely,” that the data was leaked via the Toss platform since they are not stored in its servers.
Toss, Viva Repbulica`s financial platform (Viva Republica)
“The company gave compensation to eight victims right after the records of the unauthorized transactions were discovered,” said an official from Viva Republica.
“We will fully cooperate with the police and related agencies to find out who illegally gained access to the data.”
Although it pleaded innocence, the company vowed that it would beef up its security system to block any hacking attempts to use stolen personal data.
Established in 2011, the Korean online bank is the first fintech startup that has achieved a unicorn status with over $1 billion valuation. It is deemed to be valued at $2.2 billion.
The company has received a preliminary license to run an online-only bank here, and aims to launch it as early as this year.
By Kim Young-won (firstname.lastname@example.org)