Korean Social Network Suffers Massive Breach

Thirty-five million South Koreans could have had their personal data exposed by hackers targeting one of the country’s social networks.

The Korean Communications Commission claims to have traced the hack on the Cyworld social networking website and the Nate web portal to IP addresses in China. Both sites are run by SK Telecom.

Mobile phone numbers, email addresses, names and other encrypted information are believed to have been stolen in what could be the country’s biggest ever cyber attack. The population of South Korea is around 49 million.

Another world

Cyworld allows users to create avatars and make friends in a SIMS-like environment, inhabiting ‘apartments’ which can be decorated.

It generates income by selling ‘acorns’ to be used in Cyworld to purchase things such as virtual furniture and wall paintings.

The Nate portal provides access to web services such email.

South Korean government ministries, banks and corporations have suffered a number of attacks in recent months. State-funded bank Nonghyup suffered a network failure in April blamed on North Korea and 1.8m customers of Hyundai Capital has their personal information compromised.

The South Korean government has drawn up a new cyber-security plan in response.

China has also recently been implicated over spear-phishing attacks on the Gmail accounts of US and South Korean officials and Chinese human rights activists.

Mark Darvill, a direcor at security firm AEP said: “By any standard this is a massive attack and one of many in recent months where the finger has been pointed at hackers based in China.

“It’s too early to say whether this attack is politically motivated or merely an attempt to steal personal information for financial gain.

“However it’s now becoming increasingly difficult to differentiate between attacks on military, communications, financial, civilian or critical infrastructure targets.”

David Jamieson

View Comments

  • We recently blogged about Washington's new stance that a cyber attack from a nation state will be treated as an act of war:

    "Is Washington actually taking the daily/hourly/pick-your-increment hack attack seriously? Meaning not as a political expedient, but creating an environment where cyber war/crime is treated with the magnitude it merits? We sincerely hope so.

    That said, if it was determined that a given breach caused harm to American treasure, then the new initiative would consider that an act of war, and rightly so. But, the attacker would have to be identified and located before any retaliation could ensue. This would require pervasive security intelligence, as we term it, or a “brain layer” over the network/s involved in the attacks."

    http://blog.q1labs.com/?p=1131

    Any sovereign state that determines it has been breached by another sovereign state via a cyber attack should follow Washington’s lead and treat the offense with the magnitude it merits.

    John Burnham - Q1 Labs

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

5 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

6 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

6 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

8 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

11 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

11 hours ago