**Title: SK Shieldus Faces Data Breach Due to Hacker Attack: 24GB of Internal Documents Leaked**
(Seoul=News1) Reporter Kim Min-seok – It has been revealed that SK Shieldus became aware of the leakage of some of its internal documents due to a hacker organization’s attack only belatedly. There are criticisms that the company ignored warnings, exacerbating the damage.
On the 20th, according to data submitted by the office of Rep. Choi Soo-jin from the People’s Power party, a member of the National Assembly’s Science, ICT, Broadcasting, and Communications Committee, obtained from the Korea Internet & Security Agency (KISA), SK Shieldus received information related to a hacking attempt on membership registration services from a hacker organization (U.S.-based hacking group Black Shurantak) on the 10th of this month.
Even after receiving another warning email from the same group on the 13th, SK Shieldus did not respond, stating there were “no abnormalities in the system.”
SK Shieldus reported discovering the breach only after finding related information posted on the dark web at 11 a.m. on the 17th, a week after the hacking warning was received.
The hacking is presumed to have started with the exposure of a technical sales employee’s personal Gmail account (24GB of data). The issue arose due to settings allowing automatic login within a security test ‘honeypot’ environment.
SK Shieldus’ subsequent response is under scrutiny. While it reported to KISA on the 18th that “information leakage occurred due to automatic login during honeypot-based tests,” it refused support for damage and follow-up measures.
As a result, KISA and the Ministry of Science and ICT are reportedly unable to clearly identify the incident’s background.
Given that SK Shieldus serves clients such as SK Telecom, financial institutions, semiconductor companies, and public agencies, there is a growing concern about secondary damages.
Rep. Choi Soo-jin stated, “It is a serious problem that a leading security company in South Korea was unaware of the hacking incident for a week,” and called for the Ministry of Science and ICT and KISA to form a joint public-private investigation team for a swift response.
**Terminology Explanation**
– **Dark Web**: The Dark Web refers to encrypted networks of websites that are not easily accessible by regular internet users.
– **Honeypot**: A honeypot is a virtual system, server, or fake data intentionally exposed to attackers to detect hacking attempts and analyze their attack methods. It acts as a trap to lure hackers into attempting infiltration, believing it to be a normal system.