Yes24 Under Investigation for Possible Data Breach After Ransomware Attack... "Individual Notification If Breach Confirmed"
Possibility of Personal Information Breach for Yes24 Users
Personal Information Protection Commission Launches Investigation
Yes24: "Individual Notification If Breach Is Confirmed"
As the Personal Information Protection Commission has launched an investigation into a possible data breach at Yes24, which has been experiencing access disruptions for four consecutive days due to a ransomware hacking attack, Yes24 has belatedly announced that it will individually notify users if a data breach is confirmed. While Yes24 had consistently maintained that "no personal information has been leaked," the company has now acknowledged the possibility of a breach, leading to growing public anxiety.
On June 12, Yes24 posted a notice on its website stating, "As of now, we have found no evidence that customers' personal information has been leaked externally," and added, "If additional investigations confirm a data breach, we will notify affected individuals directly." The company further explained, "We are informing customers of this as a precaution against even the slightest possibility."
Additionally, Yes24 provided guidelines aimed at minimizing customer damage. The company urged customers to be wary of text messages, emails, or phone calls impersonating Yes24 or financial institutions, and requested that they immediately delete any suspicious links or attachments without opening them. Yes24 also advised users to check for any accounts or cards issued in their name.
Previously, the Personal Information Protection Commission stated that, following a report from Yes24 on June 11, it had discovered signs of abnormal member information access during the company's response to the ransomware attack first detected on June 9. The commission plans to determine the specific cause and extent of the breach, as well as whether Yes24 fulfilled its legal obligations for data security, and will take action in accordance with the Personal Information Protection Act.
Hot Picks Today
"Only Two Per Person" Garbage Bag Crisis Was Just Yesterday... Japan Also Faces Shortage Anxiety
- "Samsung Electronics Employee with 100 Million Won Salary Receiving 600 Million Won Bonus... Estimated Tax Revealed"
- Lived as Family for Over 30 Years... Daughter-in-Law Cast Aside After Husband's Death
- 'Will Demand Finally Decline Due to High Prices?'... "I'll Just Enjoy Nearby Trips" as Japan and China See a Surge
- "Wore It Once, Then This? White Spots All Over 4.15 Million Won Prada Jacket... 'Full Refund Ordered'"
Yes24, the largest online bookstore in South Korea with approximately 20 million members, has been conducting recovery operations for four days since access disruptions began around 4 a.m. on June 9. Contrary to its initial explanation of "internal system maintenance," it was later revealed that the disruption was caused by an external ransomware attack, sparking controversy over misleading users. Despite Yes24's subsequent statement that it was working jointly with the Korea Internet & Security Agency (KISA), confusion has intensified after KISA countered that "Yes24 did not cooperate with our requests."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
