The Korea Internet & Security Agency (KISA) warned that there were signs of hacking at KT and LG Uplus, but the two companies reported to KISA that they found no traces of a security breach in their own investigations. The two companies later confirmed that there had been a data leak.
According to materials submitted by KT and LG Uplus to the office of lawmaker Hwang Jung-a of the Democratic Party of Korea, KISA conveyed tips regarding hacking signs related to the two telecommunications companies to each company on July 19.
According to the office of lawmaker Hwang, the two companies conducted internal investigations based on KISA's tips. However, they replied that they found no signs of a security breach.
Previously, the U.S. hacking specialized media outlet FRAC raised suspicions that a foreign hacking group suspected to be behind North Korea or China attacked our government agencies and telecommunications companies KT and LG Uplus on August 8.
According to the office of lawmaker Hwang, KT received the KISA warning on July 19 and reported to KISA two days later, on July 21, that "no abnormal signs were detected" in their inspection. It was later confirmed that there had been a data leak on August 10.
LG Uplus also received the KISA warning on the same day as KT and confirmed the security breach on August 8.
Subsequently, KISA reportedly informed each company on August 22 by directly sending data leak materials that there were signs of a security breach.
At the time, both companies were reported to have received a notification from KISA to "proceed with reporting the security incident due to signs of a security breach," but it was determined that they did not file a report.
The current Information and Communications Network Act stipulates that corporations must initiate a voluntary report in order for the Ministry of Science and ICT to form a joint investigation team to conduct an on-site investigation.