 |
Photo = GS Retail |
[Alpha Biz= Kim Jisun] GS Retail, the operator of the GS25 platform, announced that the site was hacked, leading to the leakage of personal information belonging to over 90,000 registered users. Fortunately, no evidence of stolen points has been found.
On Monday, GS Retail sent text messages to some of its users, notifying them that personal data might have been leaked during a hacking attack on the website between December 27 and January 4. The breach was confirmed to have affected the GS25 platform, while other services operated by the company, such as GS Shop and GS The Fresh, were not impacted.
According to the company, the hacking method used was "credential stuffing," a technique where stolen account credentials (usernames and passwords) are used to log into accounts on different platforms to steal personal data.
GS Retail stated that the potentially leaked information includes seven types of personal details: name, gender, date of birth, contact information, address, username, and email address. The company explained, "After recognizing the breach, we blocked the suspicious IP addresses and attack patterns, locked affected accounts to prevent unauthorized access, and temporarily shut down pages displaying personal information."
The company urged users to change their passwords to prevent further damage.
A GS Retail spokesperson said, "We are notifying affected customers of the breach via text messages to ensure they are informed promptly."
Alphabiz Reporter Kim Jisun(stockmk2020@alphabiz.co.kr)
