South Korea Digital Defense: Monthly Breach Concerns - News Directory 3

South Korea Digital Defense: Monthly Breach Concerns

September 30, 2025 Lisa Park Tech
News Context
At a glance
  • Okay, here's a breakdown of the cyberattacks and data breaches reported in the provided text, organized ​by month and wiht key details:
  • * Albamon: (April 30) Hacking attack exposed resumes of over 20,000 users, including names, phone numbers, and email addresses.
  • * Yes24: Ransomware attack knocked the online ticketing/retail platform offline for about four days.
Original source: techcrunch.com

Okay, here’s a breakdown of the cyberattacks and data breaches reported in the provided text, organized ​by month and wiht key details:

April 2025

* Albamon: (April 30) Hacking attack exposed resumes of over 20,000 users, including names, phone numbers, and email addresses.
* SK Telecom: Major cyberattack stole personal data of approximately 23 million customers (nearly half of South Korea’s population). ⁢‌ Aftermath included​ offering new SIM cards too affected customers.

June 2025

* Yes24: Ransomware attack knocked the online ticketing/retail platform offline for about four days. Services ​were restored by mid-June.

August 2025

* ​ Yes24: second ransomware attack, taking the website and services offline for⁢ a few hours.
* Lotte Card: Data breach (between​ July 22 and August) exposed around 200GB of data affecting roughly 3 million customers.The breach went unnoticed for 17 days.
* ⁣ Welcom Financial (Welrix F&I): Ransomware attack. A Russian-linked hacking group claimed to have ‌stolen over 1TB of internal files,⁤ including sensitive ⁤customer data, and leaked samples on the dark web.
* Ongoing Espionage (March – August): North Korea-linked hackers (Kimsuky ​group) targeted at least 19 foreign embassies and foreign ministries ⁣in South Korea, disguising attacks as routine diplomatic emails.

September 2025

* Ongoing Spear Phishing⁣ (July): Kimsuky used AI-generated deepfake images in a spear-phishing attempt against a⁢ South Korean military association.

Key Trends & ⁤Observations:

* South Korea is a Major⁢ Target: A important number of these attacks are focused on South Korean companies ‌and citizens.
* Ransomware is prevalent: Ransomware attacks are a recurring theme,⁢ particularly affecting Yes24 and Welcom Financial.
* ‍ Nation-State Actors: ​ ‍North Korean hacking groups (kimsuky) are actively involved in espionage and targeted attacks.Russian-linked groups ⁢are also implicated (Welcom Financial).
*⁢ Delayed Detection: The Lotte Card breach highlights the‌ issue of​ delayed detection, allowing ‍attackers to operate⁤ for a significant period before being discovered.
* Sophisticated Techniques: The use of AI-generated deepfakes ⁣by ‌Kimsuky demonstrates an ‌increasing level of sophistication in attack⁢ methods.

Let⁤ me know if you’d like me to analyze this data further, such as by identifying the most affected sectors or the most common attack vectors.

, , , ,