A hacker attack on Catch (CATCH), a recruiting platform run by Jinhaksa, led to a breach of some member personal information. With 2 million monthly visitors, concerns are growing about potential harm to users of the job seeker platform.
Catch told members via text and a notice on the 24th that "from 3:15 p.m. on Mar. 20, 2026 to 11 a.m. on Mar. 23, some personal information was leaked due to a hacker attack on our website."
The leaked information in this incident consists of seven items: ◇ gender ◇ date of birth ◇ mobile phone number ◇ address ◇ email ◇ ID ◇ internal company member management data. However, the exact scale of the leak (number of affected people) was not disclosed.
Members were directed to log in and check individually on the official site notice which personal data items were leaked and whether they were affected. As of now, it has not been confirmed whether additional sensitive information such as resumes was leaked.
The company said, "As soon as we detected signs of a leak, we blocked the path and completed security measures, and we have reported the incident to the relevant authorities and are cooperating with their investigation," adding, "We will provide prompt and transparent updates on any additional findings." The company also cautioned, "There is a risk of secondary damage such as voice phishing and smishing using the leaked information, so extra caution is needed."
Catch is a recruiting platform operated by Jinhaksa and was launched in Nov. 2015. It provides hiring postings focused on large corporations and midsize corporations along with company analysis information, and has built a user base mainly among job seekers and people hoping to change jobs. As of 2022, it had 110,000 daily unique visitors and 2.57 million monthly visitors.
In addition to entry-level and experienced hiring information, it offers salary information, corporations reviews, interview and cover letter materials, and online lectures (Catch Class), and it has expanded its services to the YouTube channel "Catch TV" and the offline space "Catch Cafe." Recently, it launched a "CATCH Membership" for corporations and is expanding its B2B business.
The incident has renewed criticism that recruiting platforms holding databases of job seekers in the millions have security vulnerabilities. Depending on the results of investigations by police and the Personal Information Protection Commission, the actual scale of damage and the scope of the leak are expected to come into clearer focus.