my timesThe Korea Times
  1. Business
  2. Tech & Science

Calls grow for probe into KT, LG Uplus data leak allegations

Listen
By Lee Gyu-lee
  • Published KST
KT headquarters in central Seoul / Yonhap

KT headquarters in central Seoul / Yonhap

Seoul YMCA urged the Personal Information Protection Commission to investigate alleged data leaks at KT and LG Uplus on Thursday, filing a formal request.

“Recently, KT and LG Uplus users have been worried that their personal information may have also been leaked,” the civic group said.

“This follows the government’s initial announcement in July that inspections of KT and LG Uplus showed ‘no damage.’ However, its repeated revisions — from ‘under review’ to ‘tentative data breach’ and ‘under inspection’ — have created confusion and uncertainty.”

Noting that the delay in disclosing the risks of possible leakage only heightens confusion among the public and damage to the companies’ subscribers, the group claimed that the telecoms have previous track records of attempting to conceal breaches in personal information.

“LG Uplus has a history of failing to disclose or delaying the reporting of personal data breaches, with incidents in 2018 and 2023. On both occasions, the company only notified the public of the leaks after receiving alerts from the Korea Internet & Security Agency and was subsequently fined,” it said.

“The concern is that LG Uplus may once again be repeating the same pattern, to reveal the facts only after they are pointed out by external parties or reported in the media.”

It also pointed out that KT has recently been accused of destroying part of its servers by the Ministry of Science and ICT.

“This may go beyond mere poor management and amount to concealing breaches and destroying evidence, a grave matter that strongly suggests the possibility of willful or gross negligence,” it said.

Speculation over a data breach at KT and LG Uplus surged after the global hacking journal Phrack Magazine reported that two anonymous white-hat hackers had obtained 8 gigabytes of leaked data from an attacker known as “KIM,” suspected to be affiliated with the North Korean hacker group Kimsuky.

The magazine reported that leaked data included LG Uplus internal data such as source code, database, server information and employees’ and partners’ account IDs and names, as well as KT’s secure socket layer certificates.

LG Uplus headquarters in Yongsan District, Seoul / Courtesy of LG Uplus

LG Uplus headquarters in Yongsan District, Seoul / Courtesy of LG Uplus

Since the report surfaced, the ICT ministry revealed that it has been aware of the issue since July and launched an investigation.

“We are currently conducting an on-site inspection to confirm whether hacking incidents occurred at KT and LG Uplus,” the ministry said. “We are also collecting related materials and performing detailed forensic analysis.”

KT and LG Uplus denied any evidence of a breach and confirmed they are cooperating fully with the ministry’s probe.

“As far as we were aware, there was no indication of a breach or cyberattack incident; there were no traces found. That is why, when this situation first arose (with the SK Telecom incident), we reported (as not breached) accordingly,” a KT official said.

“Since we found no signs of a breach, there was no evidence or circumstances pointing to compromised data … And since the investigation began, our company has been cooperating fully and proactively.”

LG Uplus also emphasized that the allegation does not accuse the company of breaching the customers’ personal data, unlike the incident at SK Telecom, and that it is complying with the investigation.

“None of the alleged data leak is related to customers’ personal information … but regardless, our position is that we are actively cooperating with the government’s investigation,” a company official said.