 |
Photo courtesy of Yonhap News |
[Alpha Biz= Paul Lee] Toss Securities has requested a police investigation after detecting signs that former employees attempted to remove source code related to its stock trading system, identifying the incident within 24 hours of the initial download.
According to the financial investment industry on January 29, suspicious activity involving two former employees, identified as A and B, was recently detected by Toss Securities’ internal security systems. The activity indicated an attempt to transfer source code associated with the company’s stock trading platform outside the organization.
The abnormal behavior was flagged within 24 hours after A downloaded the source code, prompting the company to immediately launch an internal investigation. A is believed to have attempted to take confidential information from Toss Securities while preparing to join a rival firm.
Toss Securities has since filed a formal complaint and requested an investigation by the Industrial Technology Security Investigation Unit of the Seoul Metropolitan Police Agency.
Information leaks involving insiders have long been cited as a persistent problem across industries, often taking months to detect. In contrast, Toss Securities’ rapid identification of the suspected breach highlights the effectiveness of its internal security controls. Similar insider-driven data leaks at major online platforms in recent years have triggered widespread public concern.
Toss Securities has built its internal security framework around a “zero-trust” approach, under which no user or device is trusted by default and all access and actions are continuously verified.
The company said its internationally compliant information security management systems, physical access controls and restricted security zones, as well as its multi-layered network security architecture, functioned effectively in a real-world incident, enabling the early detection and response.
Alphabiz Reporter Paul Lee(hoondork1977@alphabiz.co.kr)
