About a week after YES24 was hit by a ransomware attack, the CEO issued an apology and stated that they would prepare a compensation plan for customers.
On the 16th, YES24 co-CEOs Kim Seok-hwan and Choi Se-ra said, "We deeply apologize to all those involved, including customers who have experienced inconvenience and our partners," and noted, "We take the erosion of trust caused by this incident seriously and are currently mobilizing all our resources for recovery from the damage and rebuilding trust."
They continued, "This incident was a systems failure caused by an external ransomware attack, and as a responsible platform operator, YES24 is putting all its efforts into service recovery and security checks," adding, "Given the nature of a ransomware attack, there is a possibility that hackers could monitor external responses or add further threats, so we had to approach information disclosure cautiously. Nevertheless, we sincerely apologize once again for not being able to provide customers with accurate information more quickly and correctly."
Furthermore, the two co-CEOs of YES24 promised, "We are preparing compensation criteria applicable to services for the customers who experienced inconvenience due to the service interruption. We plan to announce the first compensation plan today, and any additional compensation plans will be communicated through announcements on our website."
They added, "As a result of this incident, we plan to reassess our security system from the ground up. We will implement external security advisory groups and expand our security budget to enhance the reliability and resilience of the platform from system design to overall operations," and further stated, "Once again, we apologize to all those who experienced inconvenience."
Earlier, YES24 experienced service disruptions after being attacked by ransomware starting on the 9th. Access to the website was completely halted, along with order histories and shipping. As a result, the entertainment industry also faced repercussions, with B.I postponing his fan meeting's pre-sale schedule, and Park Bo-gum delaying the pre-sale confirmation for his fan meeting tour in Seoul.
ATEEZ, DAY6, Xdinary Heroes, and TWICE postponed their concert ticket sales, while ENHYPEN canceled the fan signing event to commemorate their new album release.
Official apology for the YES24 ransomware disruption incident
We sincerely apologize to our customers.
On June 9, 2025, YES24 experienced a service interruption due to a ransomware attack from external forces, resulting in the complete shutdown of our entire system.
This caused significant inconvenience and anxiety, disrupting valuable daily activities for our customers, such as book orders, eBook access, and event ticket purchases.
YES24 is acutely aware of the weight of this inconvenience.
We sincerely apologize to all those who experienced inconvenience, including customers and partners.
YES24 is a platform that has grown on the trust of its customers.
We take the erosion of that trust caused by this incident seriously and are currently mobilizing all our resources for recovery from the damage and rebuilding trust.
Incident background and recovery status
This incident was a systems failure caused by an external ransomware attack, and YES24 is putting all its efforts into service recovery and security checks as a responsible platform operator.
Immediately after the attack, YES24 prioritized internal analysis and recovery, while cooperating with relevant government agencies in the investigation.
Although we made proper notifications immediately after the incident occurred, due to the nature of the ransomware attack, it was necessary for us to approach information disclosure cautiously as hackers could monitor external reactions or pose additional threats.
Nonetheless, we apologize once again for not being able to provide our customers with accurate information more quickly and correctly. In the future, we will communicate with greater transparency and consistency.
The core services related to the purchase of books, media, stationery, eBooks, and ticket services, as well as ordering and payment, have been restored; some additional services, such as reviews, are being restored sequentially as best as we can.
Customer compensation and recovery measures
YES24 is preparing compensation criteria applicable to services for customers who experienced inconvenience due to the service interruption.
We plan to announce the first compensation plan today, and any additional compensation plans will be communicated through announcements on our website.
Measures for preventing recurrence and enhancing security
YES24 is working with relevant government agencies (KISA, Personal Information Protection Commission) and external security experts to investigate the cause of the incident and conduct security diagnostics, and we will transparently disclose the findings of these investigations in due course.
Additionally, we plan to reassess our security system from the ground up due to this incident. We will implement external security advisory groups and expand our security budget to enhance the reliability and resilience of the platform from system design to overall operations.
Moreover, we will actively participate in discussions for institutional improvements to create a safer digital ecosystem in collaboration with the government and industry, and we aim to be a responsible corporation fulfilling our social role.
We wholeheartedly promise to fulfill our responsibilities until the end in this process of rebuilding the trust of our customers.
Once again, we apologize to all those who experienced inconvenience.
June 16, 2025
CEO of YES24
Kim Seok-hwan, Choi Se-ra
[Photo] YES24, OSEN DB
[OSEN]