14 DAY TRIAL // GOM TV, a popular Korean TV streaming service provider, notified customers that their personal information might have been exposed during an attack against its website.
"We regretfully inform you that at 2 AM KST, Aug. 12th, there has been an attack against our web site, GOMTV.net," GOM TV owner Gretech Corporation wrote in an email to affected users.
"We have found that some of the user information from GOMTV.net has been compromised from the attack.
"We suspect that the following information might have been exposed: name, location (country), e-mail address, GOMTV.net nickname and password," the company added.
The number of affected users has not been disclosed, but GOM TV is primarily responsible for the popularity of GOM Player in South Korea.
GOM Player has an estimated user base of around 8.5 million, but not all of them necessarily have accounts on the GOMTV.net website.
In addition, GOM TV offers the possibility of logging in with Facebook or Twitter credentials, so users who opted for this authentication method do not have to worry about changing their password.
However, everyone else urged to do it, and not only for GOM TV, but also any other website where they might have used the same passwords.
The obvious question here is why a big user-oriented service like GOM TV didn't use a strong password hashing algorithm, especially since this has been the standard industry practice for years now.
Fortunately, GOM TV uses PayPal as a payment solution so no financial information was compromised because it wasn't stored on the server. Of course, users who used the same password for PayPal as they did for GOM TV should change it immediately.
This incident comes after a recent data breach event on the popular NATE and Cyworld websites operated by SK Comms exposed the personal information of 35 million people.