NewKerala.com

Kyowon Cyberattack Exposes 9.6M Accounts; KT Loses 150K Users Post-Breach

South Korean authorities estimate a ransomware attack on education service provider Kyowon Group may have affected approximately 9.6 million user accounts. The breach, detected over the weekend, potentially impacts 600 of the company's servers across its eight affiliates. In a related development, mobile carrier KT Corp. has seen over 150,000 customers depart after it waived early termination fees following its own major data breach. Kyowon Group states an investigation is ongoing to confirm if personal data was actually leaked.

Key Points: South Korean Cyberattack Exposes 9.6 Million User Accounts

  • 9.6M accounts possibly breached in ransomware attack
  • Kyowon detected abnormal system activity Saturday
  • 600 of 800 servers in breach scope
  • KT lost 150,000+ users after waiving fees post-leak
2 min read

Cyberattack at Kyowon 'exposes' over 9 million user accounts to possible breach

A ransomware attack on Kyowon Group may have breached 9.6 million accounts. Meanwhile, KT Corp. loses over 150,000 customers after a data leak.

"We have identified indications of a possible data leak, and an investigation is under way... - Kyowon Group"

Seoul, Jan 14

South Korean cybersecurity authorities estimate that around 9.6 million accounts may have been affected by a recent cyberattack at Kyowon Group, a local education service provider, informed sources said on Wednesday.

The estimate by a government investigation team that includes the Korea Internet & Security Agency comes after Kyowon Group reported a possible breach on Monday, saying it had detected traces of a ransomware attack, reports Yonhap news agency.

Kyowon said it became aware of abnormal activities in its internal system Saturday and later identified a possible data breach.

The authorities estimate that 600 of the company's 800 servers fall within the scope of the breach.

The investigation team estimates Kyowon Group's eight affiliates held 13 million members in total, a figure that narrows to 5.54 million after removing overlaps. The 9.6-million estimate counts users holding more than one account.

As Kyowon Group operates a wide range of businesses, including tutoring, home appliance rentals and funeral services, experts said the number of victims could be substantial.

Kyowon Group has yet to confirm whether its members' personal data was actually leaked.

"We have identified indications of a possible data leak, and an investigation is under way with relevant organisations and security institutions to determine whether consumers' data was actually breached," Kyowon Group said in a release.

"If customer data is confirmed to have been leaked, we will notify users in a transparent manner," the company added.

Meanwhile, more than 150,000 customers of KT Corp., South Korea's second-largest mobile carrier, have left the company for a different service provider after KT began waiving early termination fees following a major data breach, industry sources said last week.

According to the sources, 154,851 KT users switched to rival carriers between Dec. 31 and Thursday, averaging more than 17,000 departures per day.

SK Telecom, the country's largest carrier, which implemented a similar penalty waiver in July after a large-scale data leak, lost about 160,000 users following its own incident.

- IANS

Share this article:

Reader Comments

P
Priya S
9.6 million accounts! And the company operates tutoring and funeral services? That's a terrifying combination of data to lose. Parents' details, children's info, and sensitive family data during bereavement. This is a wake-up call for all ed-tech companies.
R
Rohit P
The part about KT Corp losing 150,000+ customers is telling. In India, we often just complain but don't switch services. Maybe hitting companies where it hurts—their subscriber count—is the only way to make them invest in real cybersecurity. Jio, Airtel, are you listening?
S
Sarah B
Working in IT security in Bangalore, I see this pattern too often. Detection on Saturday, report on Monday. The delay is critical. Indian companies need 24/7 Security Operations Centers and real-time threat detection, not just weekday teams.
V
Vikram M
"We will notify users in a transparent manner" – promises made after the breach are cold comfort. Transparency should be before, about what data they collect and how they protect it. Our Indian education apps like Byju's, Unacademy hold similar vast data. Are they truly secure?
N
Nikhil C
A respectful criticism: The article says 600 of 800 servers breached. That's 75% of their infrastructure! This isn't a sophisticated hack; this sounds like gross negligence in basic security hygiene. Indian companies must conduct regular audits and not just tick compliance boxes.

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Leave a Comment

Minimum 50 characters 0/50