United States Air Force Data Breach (2019)

SEOUL, South Korea — American troops may have been among the victims of hackers who stole information from more than 1 million U.S. and South Korean credit cards and listed it for sale on the dark web over the past three months, the military said. The thefts targeted unspecified business and financial entities in South Korea and included information on at least 38,000 U.S.-issued payment cards, according to an alert distributed by the Eighth Army via its Facebook page on Monday. An unnamed credit union that provides services at U.S. Air Force bases in South Korea was among the potentially compromised organizations, it said. Citing the large number of U.S.-issued payment cards involved and the significant presence of American troops in South Korea, the Major Cybercrime Unit-Korea said it could “assess with medium confidence that the purchase cards of U.S. service members may have been included in this compromise.” The stolen information was listed on the dark web since the end of May, according to the notice, which was based on information from the Korea Office of the Major Cybercrime Unit, U.S. Army Criminal Investigation Command. The notice advised people worried that their credit card information was stolen to place a “fraud alert” on their credit reports and to monitor their accounts for signs of identity theft.