LG Uplus has confirmed a data breach, adding to a wave of cyberattacks on major South Korean telecom providers.
The South Korean telecom giant LG Uplus has confirmed a suspected data breach. The Korea Internet and Security Agency (KISA) has reportedly been notified about the cyber incident.
The company confirmed to TechCrunch that a report was submitted, but has not provided a timeline for when the results of its internal investigation will be released.
Industry sources said LG Uplus submitted its report after detecting signs of a possible intrusion on its servers. The move came roughly three months after KISA was first alerted by a whitehat hacker in July about a potential breach in the company’s systems.
The hacking publication Phrack claimed that attackers had infiltrated LG Uplus’s intranet and leaked the personal data of approximately 42,000 customers and 167 employees.
According to The Korea Times, back in August, LG Uplus told the Ministry of Science and ICT that its internal review had found no definitive evidence of a cyberattack.
However, lawmakers later criticized the company for removing or modifying servers linked to its account management system after receiving warnings of a possible intrusion, which raised concerns that critical evidence may have been lost in the process.
Three major Korean telecoms attacked
The news comes after cyberattacks hit other major South Korean telecom providers, SK Telecom and KT Telecom, earlier this year.SK Telecom was claimed by the Qilin ransomware group, which said it had taken an alleged 1TB cache of stolen files.
After a public apology from SK Telecom CEO Yoo Young-sang, the company was forced to offer free SIM card replacements to all its customers in the aftermath, and said it would “continue to implement ‘double and triple’ safety measures until the concerns and worries of customers were resolved.”
To accommodate the swap, the company had to halt new sign-ups until it had changed SIM cards for those affected by the cyberattack.
In September, an unidentified threat actor claimed a breach of SK Telecom. The post appeared on a well-known data leak forum. The hackers claim the stolen files contain source code for several internal projects, build configs, Dockerfiles, and even exposed AWS access keys.
In September, another Korean telecom carrier KT also reported a cyberattack, with cumulative losses now exceeding 240 million won across 368 victims of unauthorized payments.
In October, another gang named CoinbaseCartel claimed to have stolen confidential source code and sensitive project files from SK Telecom, threatening to leak that data if the telecommunications giant didn’t start negotiations.
In September, South Korea’s National Assembly launched an investigation in September into suspected Chinese and North Korean cyber activities targeting government and telecom infrastructure.
Executives from KT, SK Telecom, and LG Uplus were questioned about their cybersecurity practices and responses to recent breach alerts.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked