[Weekend Briefing] Korean telecom giant leaked its staff information onto the dark web

By Dain Oh and Kuksung Nam, The Readable
Sep. 30, 2022 7:55PM KST

Hello, this is Dain Oh and Kuksung Nam in South Korea. The Readable has picked four news stories for you. Have a great weekend!

1. Korean telecom giant leaked its staff information onto the dark web

One of the largest telecommunication companies in South Korea was confirmed to have leaked its employees’ personal information onto the dark web, which led to a government institution imposing penalties on the company on Wednesday.

LG Uplus, the third largest mobile operator in South Korea, was fined 6 million won ($4200) for a security violation which let its employees’ login credentials be exposed to the dark web. The security breach was first reported by a local journalist in December of last year, and an investigation followed when LG Uplus disclosed the incident to the Korea Internet & Security Agency under the nation’s privacy law.

According to a press release by the Personal Information Protection Commission, a hacker was able to access some of the internal webpages of LG Uplus without logging in. Through a structured query language injection, a type of cyberattack which a hacker uses to steal information from a victim’s database, the hacker acquired sensitive information of the company’s employees, including email addresses and passwords. Later, the hacker, whose ID was “mont4na,” uploaded the information to the dark web, intending to sell it.

Besides LG Uplus, the PIPC put sanctions on nine different organizations which were all found to have broken the privacy law. “Security breaches of personal information have been caused by not only an external attack, but also an internal mistake,” said Yang Cheong-sam, an investigation and coordination bureau director-general of the PIPC. “To prevent further breach, organizations should monitor their security posture constantly and educate employees in order to enhance their security awareness.”

2. Cyberattacks against small businesses surge in Korea

Almost nine out of 10 companies which suffered from cyberattacks in South Korea turned out to be small and midsized businesses, according to a press release by a congresswoman in the country. Her Eun-a, a member of the National Assembly of South Korea, disclosed a report on Thursday which was submitted by the Ministry of Science and ICT and the Korea Internet & Security Agency regarding cybersecurity incidents which occurred from January 2019 to August 2022.

While the total number of security breaches increased, small businesses experienced more cyberattacks than large businesses. According to the report, 665 small businesses reported cyberattacks, consisting 88% of the entire victims this year. Moreover, the number of victims in small and medium businesses have dramatically increased over the last four years. In 2019, 386 small and medium sized businesses reported a breach. The number kept growing until it reached 655 so far this year.

The total number of cyberattacks reported by South Korean companies was 738 this year, an increase of 76% compared to 2019. Among the types of cyberattacks that were reported, system hacking was found to be the most prevalent attack that South Korean businesses experienced this year, with a record of 428. Attacks that utilized malicious codes, including ransomware, came second. Distributed-denial-of-service attacks were also deployed to compromise businesses.

“The government has failed to suggest damage assessment standards for victims of cyberattacks, which leads to the failure of aggregating the nation’s damage,” said Her Eun-a. “To make the nation safer, the government should cooperate with the private sector and add more manpower to cybersecurity response.”

3. Hacking attempts targeting Korean military triple over five years

Designed by Areum Hwang, The Readable

South Korean military detected 42,847 cases of attempted hacking on its computer network from 2017 to 2021. More than eleven thousand hacking attempts were conducted last year trying to break into the military’s computer network, which is almost three times more than five years ago.

According to a press release on Tuesday by Lim Byung-heon, a member of the South Korean National Assembly’s defense committee, who received the data from South Korea Cyber Command, websites were the number one target for the attackers who tried to gain access to the South Korean military’s computer system. To read the original reporting, click here.

4. Korea, U.S. research teams join forces to fight ransomware

Source: Park Ki-woong, Sejong University

Cybersecurity researchers in South Korea and the United States will put their heads together with an aim to restrain ransomware attacks around the world. According to a press release by Sejong University, researchers at four different institutions of cybersecurity located in South Korea and the United States, including the University of Virginia and MITRE, will cooperate on ransomware research for the next two years.

The main objective of the research is to build an international platform for the sharing of information related to ransomware. To read the original reporting, click here.


The cover image of this article was designed by Areum Hwang.

Dain Oh is an award-winning cybersecurity journalist based in South Korea and the founding editor-in-chief of The Readable by S2W. Before joining S2W, she worked as a reporter for The Electronic Times, the top IT newspaper in Korea, covering the cybersecurity industry on an in-depth level. She reported numerous exclusive stories, and her work related to the National Intelligence Service led to her being honored with the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology in a unanimous decision. She was also the first journalist to report on the hacking of vulnerable wallpads in South Korean apartments, which later became a nation-wide issue.

Kuksung Nam is a cybersecurity journalist for The Readable. She covers cybersecurity issues in South Korea, including the public and private sectors. Prior to joining The Readable, she worked as a political reporter for one of the top-five local newspapers in South Korea, The Kyeongin Ilbo, where she reported several exclusive stories regarding the misconduct of local government officials. She is currently focused on issues related to anti-fraud, as well as threats and crimes in cyberspace. She is a Korean native who is fluent in English and French, and she is interested in delivering the news to a global audience.