Korea's leading online bookstore admits possible data breach after ransomware attack

By Kim Dong-young Posted : June 12, 2025, 16:16 Updated : June 12, 2025, 16:16
An announcement posted on Yes24s homepage apologizing and explaining the cyber breach Captured from Yes24 homepage
An announcement posted on Yes24's website apologizing and explaining the ongoing cyber breach. Captured from Yes24 website
 
SEOUL, June 12 (AJP) - Yes24, South Korea’s largest online bookstore, acknowledged for the first time on Thursday the possibility that customer data may have been compromised in a ransomware attack that has crippled its operations for days.

In a statement posted on its official website, the company said it would individually notify customers if investigators confirm that personal data had been leaked.

The announcement came one day after the Personal Information Protection Commission launched a formal investigation into the hacking attack.

The company, which until now had denied any breach of user data, said in its advisory, “Yes24 has not confirmed any external leakage of customer personal information.

The company, however, added, “We are informing customers of this precautionary measure to prepare for any possibility.”

The attack, carried out by unidentified hackers using ransomware, knocked out both the main and backup servers of Yes24 on Monday.

As of Thursday, the website remained inaccessible, and the company said it expects to restore full service by Sunday — though that timeline has already slipped past earlier projections amid ongoing technical challenges.

The company also urged customers to be on alert for phishing attempts, warning them to avoid suspicious messages purporting to be from Yes24 or financial institutions, and to delete any unverified links or attachments.

The incident marks one of the most disruptive cyberattacks to hit a major South Korean e-commerce platform in recent years. The Yes24 case has raised new concerns over digital security and crisis response protocols at private firms entrusted with sensitive consumer information.

Amid the growing fallout, discrepancies emerged between Yes24 and a government cybersecurity agency over the company’s cooperation in the recovery effort.

The Korea Internet & Security Agency (KISA) disputed Yes24’s assertion that it was working with authorities, saying it had sent experts to the company’s headquarters twice since the onset of the attack but was denied cooperation on both occasions.
0 comments
0 / 300
View more comments
기사 이미지 확대 보기
닫기