Kyowon Group experienced a ransomware attack affecting most of its subsidiaries, leading to potential data leakage and service disruptions. Authorities estimate that around 9.6 million accounts may have been impacted, highlighting a significant cybersecurity threat in South Korea. #KyowonGroup #Ransomware #SouthKorea #DataLeak
Keypoints
- Kyowon Group detected suspicious activity and responded by isolating affected servers.
- The attack exploited an open external port allowing lateral spread across subsidiaries.
- Most core subsidiaries, including Kyowon Kumon and Wiz, were impacted by the ransomware infection.
- Authorities estimate approximately 9.6 million accounts could have been affected.
- No group has claimed responsibility, but the breach is part of a wave of attacks on South Korean firms.