Overview

• The June 9 ransomware attack targeted Yes24’s internal system files and has kept its bookstore and ticketing services offline for four days.
• On June 11 the Personal Information Protection Commission launched a formal investigation after Yes24 reported irregular access to member information.
• The Korea Internet & Security Agency said its analysts visited Yes24 on June 10 and 11 but received no cooperation for technical support.
• The National Police Agency opened a preliminary inquiry into the attack’s source and is assessing whether customer data was compromised.
• After initially denying any breach, Yes24 said it will notify users if investigations confirm personal data exposure and expects full service recovery by Sunday.