Cyber Attack at Kyowon Group Disrupts Operations, Exposes Customer Data Risks

Kyowon Group, a South Korean conglomerate, announced that it had recently been affected by a significant cyber security incident, which impacted its day-to-day operations and potentially compromised customers’ sensitive personal data.

 

Kyowon Group is a prominent South Korean conglomerate operating across the education, lifestyle, and cultural sectors, with offerings that include educational programs such as Kumon and Red Pen, Wells-branded home appliances, beauty products, and hotel and leisure services.

 

In a data security incident notice published on its website, Kyowon said that on January 10, it identified suspicious activity within its internal network. The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

It also took steps to secure the affected systems and notified relevant law enforcement authorities, including the Korea Internet & Security Agency (KISA) about the incident.

 

The investigation revealed that the company was hit by a ransomware attack in which threat actors infiltrated its internal network, deployed malware, and exfiltrated confidential data.

 

“So far, we are checking whether personal information has been leaked, and if personal information is confirmed as a result of the investigation, we plan to inform customers quickly and transparently in accordance with relevant laws and procedures, and quickly prepare and support necessary protective measures,” Kyowon said.

 

In a seperate update, the company said that it “reported the data leakage situation to the Korea Internet & Security Agency (KISA) and began sending text messages and notifications to customers.”

 

According to Korean media, the country’s cyber security authorities estimate that approximately 9.6 million accounts were affected by the ransomware attack. Authorities further believe that around 600 of the company’s 800 servers were compromised.

 

The company said the customer guidance is part of its preemptive measures to prioritise customer protection, adding that Kyowon is focusing on preventing further damage by sharing information with customers step by step as the investigation progresses and details are confirmed. 

 

“As early response is important, we are mobilising all the capabilities of the company to protect customers and minimise damage. We will do our best to minimise customer anxiety while actively cooperating with the investigation of related organisations,” Kyowon Group added.