The personal data of around 20 million bank and credit card users in South Korea has been leaked, according to the nation’s regulatory body, Financial Supervisory Service (FSS).

According to the regulatory body, the personal data included names, phone numbers, credit card numbers, addresses and bank records. All this information was stolen from KB Kookmin Card, Lotte Card and NH Nonghyup Card.

FSS is suspecting a temporary consultant at Korea Credit Bureau (KCB) to have lifted the data from the servers of the three cards and sold the information to phone marketing companies.

Following the outcome, South Korea Prime Minister Chung Hong-won had ordered the Financial Services Commission (FSC) chief to toughen penalties and inform the public about the exact damages and circumstances of the massive data leak.

The FSS said the credit card companies will cover any financial losses caused to their customers. It also added that the chance of copying credit cards was low, as passwords and card validation codes (CVC) were not stolen.