Aladin eBook Leak... Are Other eBook Platforms Safe?

by Seo Miteum

Published 31 May.2023 13:31(KST)

A major incident occurred at the online bookstore Aladin, where a large volume of e-books was hacked and leaked, raising alarms in the publishing industry. Attention is growing regarding the level of content security maintained by online bookstores handling e-books.

According to the publishing industry, security for distributors and sellers handling e-books is broadly categorized into management, physical, and technical security. Technically, a DRM (Digital Rights Management) defense barrier is established to prevent data leaks due to hacking and other threats. DRM is a technology that grants access rights only to authorized personnel and is widely used for audio, movie, and book content.

[Image source=Yonhap News]

Additionally, physical security measures are taken by separating the internal network from the internet to block external intrusions. Finally, information security specialists manage the system and respond to emergencies to protect personal information and intellectual property.

In the e-book industry, leakage of e-book data equates to a fundamental loss of business resources, so significant efforts are made to ensure security. For example, the online bookstore Yes24 operates a data protection network supported by a total of 10 information security personnel. To counter not only external intrusions but also malicious leaks by internal employees, they operate separate internal information management networks and internet networks. They also conduct regular simulated hacking exercises with in-house hackers to identify vulnerabilities. In addition to basic DRM, they use two additional encryption logics that are periodically changed.

A Yes24 representative stated, “Based on our experience with various abuses related to idol ticketing, we strive to apply the best security solutions,” adding, “Monitoring of abnormal access is conducted 24 hours a day, and we were the first in the industry to obtain ISMS-P security certification, supervised by the Internet & Security Agency.”

The e-book platform Millie’s Library also operates a security system based on DRM technology. Nam Ki-hoon, Head of the Technology Innovation Division at Millie’s Library, said, “We are making efforts to strengthen security through continuous monitoring to prevent leaks,” and added, “In particular, we have introduced a specialized DRM solution to do our best to prevent the leakage of creators’ valuable works. We have plans to further specify these measures in the future.”

So far, there have been no cases of encrypted e-book data leaks in the publishing industry. The recent Aladin leak involved data that was not protected by DRM technology. Aladin stated, “The leaked e-book data is part of materials without DRM technology that restricts unauthorized use of content. No encrypted files from the company’s system were leaked. No abnormal access records have been confirmed so far.”

The incident drew attention on the 18th when a netizen claiming to be a hacker announced on social networking services (SNS) that they distributed leaked Aladin e-books through a group chat room. The netizen shared about 1,000 titles of e-book data and claimed to possess a total of 850,000 e-book titles.

The Korea Publishers Association confirmed through the Copyright Protection Agency that about 5,000 e-book titles were leaked via a Telegram open chat room with over 3,200 participants.