Information provision by the Ministry of Land, Infrastructure and Transport's apartment actual transaction price disclosure system was temporarily suspended overnight, blocking data updates for real estate platforms that link to it. It was confirmed that this was due to an external cyberattack targeting the government's public data intermediary server.
According to relevant government ministries and the industry on the 17th, starting around 3 p.m. on the 16th, more than about 1,000 abnormal external access attempts, including those inducing file downloads, were continuously detected against the "Public Data Portal" intermediary server operated by the Ministry of the Interior and Safety.
The attack was not a DDoS that paralyzes a specific system, but it was known to be a similar attempt aimed at large-scale data exfiltration or overloading the system. As a result, the National Information Resources Service's security defense system automatically activated and temporarily blocked specific IPs deemed to be threats.
The problem is that some ministries, including the Ministry of Land, Infrastructure and Transport, provide data to the private sector via API through this gateway intermediary server. When the security system automatically blocked the IP of the intermediate linkage server equipment, platforms such as "Silkka (actual transaction price update site)," which receive the Ministry of Land, Infrastructure and Transport (MOLIT)'s actual transaction price data via API and update daily, and Naver Pay Real Estate experienced simultaneous response delays in data calls and update suspensions.
A representative of an actual transaction price platform said, "We receive actual transaction price information daily through the Ministry of Land, Infrastructure and Transport's server, but an error occurred on the actual transaction data provision server," and "We heard that a surge of abnormal access occurred, so the server was closed for security reasons."
A Ministry of the Interior and Safety official said, "This delay was a temporary phenomenon that occurred as the government's security defense system operated normally according to the manual," adding, "In addition to the Ministry of Land, Infrastructure and Transport (MOLIT), other ministry systems that pass through the intermediary server may also have been partially affected."
After confirming that the external threat factors had been resolved, the Ministry of the Interior and Safety (MOIS) lifted the blocked IPs around 8–9 a.m. that day. Public data APIs, including the Ministry of Land, Infrastructure and Transport (MOLIT)'s actual transaction price system, are now fully normalized.