Data from around 20 asset management firms in South Korea were compromised in a hacking attack earlier this month, industry sources revealed on Monday.
According to Yonhap News Agency, the breach occurred after Qilin, a Russian-speaking ransomware gang, infiltrated a cloud server maintained by an IT subcontractor. The server was primarily used by local small and medium-sized private equity funds.
Qilin claimed responsibility for the attack, alleging that the stolen data included tax documents, employee records, and personal information of investors.
South Korea’s financial regulators said they have not yet received reports of credit information leaks that could directly cause financial damage. Authorities confirmed they were aware of the incident in advance and have been closely monitoring the situation.
This case adds to a growing list of major cybersecurity incidents in the country’s financial sector. Earlier, Lotte Card Co., South Korea’s fifth-largest card issuer, suffered a massive data breach affecting about 3 million customers.
Rising Cybersecurity Threats in South Korea
Government data highlights the severity of the issue: more than 7,000 cases of corporate data breaches have been reported in South Korea over the past six years.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
- 2020: 603 cases
- 2021: 640 cases
- 2022: 1,142 cases
- 2023: 1,277 cases
- 2024: 1,887 cases
- 2025 (so far): 1,649 cases
Small and medium-sized companies were the most vulnerable, accounting for 82% of the incidents (5,907 cases). Mid-sized firms reported 592 breaches, conglomerates 242, while nonprofit organizations logged 457 cases.
