What Happened with Shinsegae I&C's Data Breach Affecting 80,000 Employees?
Synopsis
Key Takeaways
Seoul, Dec 27 (NationPress) Shinsegae I&C, the IT division of the prominent Shinsegae Group, has disclosed a breach affecting the personal data of approximately 80,000 employees and subcontractors. Fortunately, no customer information was compromised in this incident.
In a statement to the media regarding this data breach, the company confirmed that the leaked information originated from its internal intranet system. The compromised data includes corporate ID numbers, names, departments, and IP addresses of individuals associated with Shinsegae and its subcontractors, as reported by Yonhap news agency.
Shinsegae clarified that customer data remains secure and unaffected. The breach was first identified on Wednesday, with a report made to the Korea Internet & Security Agency by Friday afternoon.
The IT division has initiated an emergency review and implemented protective measures immediately following the detection of the leak. It appears that a malware infection may have been responsible, although the precise cause is still under investigation, according to a Shinsegae spokesperson.
Shinsegae Group is a major player in the South Korean retail landscape, running department stores, duty-free outlets, the E-Mart discount store chain, and the Starbucks coffee franchise.
In a related note, e-commerce giant Coupang stated it has successfully recovered all leaked personal information of about 3,000 customers, assuring that no data was shared externally. Coupang identified a former employee as the source of the breach through forensic evidence, with that individual admitting to their actions and explaining how they accessed customer data, as reported by Yonhap.
It was revealed that the suspect utilized stolen security keys to obtain basic customer details from around 33 million accounts, although data from only about 3,000 accounts was ultimately preserved and deleted by the individual.
Last month, a joint public-private task force was established to investigate the data breach at Coupang, which impacted 33.7 million users.