Top online bookstore suffers another ransomware attack

By Kim Dong-young | Posted: August 11, 2025, 16:35 | Updated: August 11, 2025, 16:35
Yes24 headquarters is seen in Yeouido, Seoul, in this undated photo. Yonhap
SEOUL, August 11 (AJP) - Online bookstore Yes24 suffered another ransomware breach on Monday, just two months after its previous attack in June, raising serious concerns about data security.

The latest attack follows warnings from security experts that the decision by the country's largest bookstore to negotiate with hackers during the initial June incident may have made it an easy target for future attacks.

The firm said the incident occurred at around 4:30 a.m., but the system was fully recovered by 11:20 a.m., about seven hours after the attack.

"We sincerely apologize for causing inconvenience to our customers once again," Yes24 said in its press release.

Yes24 first suffered a ransomware attack on June 9, which paralyzed its app and internet services for about a week. The company faced criticism at the time for failing to immediately notify users about the breach and for its lack of transparency regarding the incident.

Security experts expressed particular concern when it emerged that Yes24 had reportedly paid cryptocurrency to the attackers to resolve the situation, a move that violated relevant cybersecurity regulations.

"The most critical problem is that Yes24 failed to establish an off-site backup system that stores key data in external storage or cloud services to prepare for ransomware infections," said the Ministry of Science and ICT and Korea Internet & Security Agency (KISA) in a report.

Government agencies and security experts also warned of the risks posed by Yes24’s decision to negotiate with hackers, expressing concerns about the possible recurrence of attacks.

Industry observers now worry about the "worst-case scenario" predicted in the earlier report, with Yes24 becoming a repeat target within just two months.

These incidents raise concerns about broader cybersecurity vulnerabilities in South Korea, following recent massive attacks on SK Telecom and Seoul Guarantee Insurance, prompting calls for stronger response measures and improvements in backup infrastructure.

According to KISA's report, one in four companies targeted by ransomware attacks lacked backup systems capable of rapid recovery, exposing widespread security risks among many businesses.

Security experts warn that without decisive action, South Korean companies could become primary targets for international ransomware groups, stressing the need for a firm stance against cyberattacks.