The 40-year-old man, identified only by his surname Hur, is one of three South Korean men who allegedly recruited a famous hacker, who is also Korean, to make money by breaking into the computer system of Hyundai Capital Services Inc. and stealing personal information of 420,000 customers, the police said.
They also said that they have arrested an accomplice, identified as Yoo, on charges of helping Hur withdraw looted money even though he knew Hur was involved in the crime.
Investigators said the three suspected culprits paid the hacker, who was staying in the Philippines, 20 million won (US$18,000) and withdrew 100 million won sent by the company after the hacking incident.
The hacker, identified as Shin, fled to the Southeast Asian country in 2007 after having committed several hacking crimes in South Korea, according to the investigators.
Police have sought cooperation from Interpol to arrest the three other suspects and the hacker, all of whom are believed to be staying overseas.
The police have been investigating the leak case since the financial unit of Hyundai Motor Group asked for a probe on April 7 after receiving a blackmailing e-mail from unidentified hackers that demanded money in return for not releasing stolen personal data. The company said the personal data, including passwords to loan services of its customers, was stolen when the hackers attacked its network last month.
Lee Byeong-ha, a chief investigator at the Seoul Metropolitan Police Agency, announces the interim result of a criminal probe into the massive leak of personal data of Hyundai Capital customers on April 18. (Yonhap)
Also on Monday, the police announced that they were questioning a former Hyundai Capital official over allegations that he broke into the company's database six times after being hired by a rival company in December.
Five others, including a Hyundai Capital official, were accused of handing over a screen shot of a Web page of the company's operating system to the former employee, they added.
The investigators said that they are trying to figure out whether they participated in the hacking.
In a related move, prosecutors said they are checking to see whether the case is linked with agricultural cooperative lender Nonghyup's computer glitch that crippled its online services for days because the two incidents took place around the same time period.
Nonghyup's online financial transactions, including Internet banking, were suspended for six days last week, but the causes of the accident are still unknown.