According to the SK shieldus breach investigation underway by the Ministry of Science and ICT, about 15GB of data was leaked through the personal email accounts of two internal employees. The leaked data is understood to include information on a total of 120 private companies—15 financial institutions including SK Telecom and 105 other private companies—as well as numerous public institutions.
According to the document "SK shieldus breach response status" obtained by People Power Party lawmaker Choi Su-jin from the Ministry of Science and ICT on the 27th, SK shieldus reported to the Ministry of Science and ICT on Oct. 18 an internal information leak of about 24GB. An on-site investigation into the cause of the incident and the response status is underway. The hacker infiltrated a honeypot operated by SK shieldus, accessed an internal employee's personal email that was in an auto-login state, stole client-related data, and posted it on the dark web.
The leaked data contains sensitive security-related information, including SK Telecom's solution verification documents, security control system configuration materials, and client test results, making it urgent to respond to prevent additional damage to clients.
SK shieldus is a leading security company in Korea, with about 7,000 employees and about 2 trillion won in sales, and it has a total of 1,201 clients (230 public, 185 financial, and 786 private).
Lawmaker Choi Su-jin said, "Given that a significant number of SK shieldus's clients are financial institutions and public institutions, the leak of key security materials, including the security control system, is a serious matter," and added, "Swift security measures are needed to prevent the spread of additional damage."