 |
North Korean IT hacker (Photo = SNS) |
[Alpha Biz= Ellie Kim] More than 100,000 customer records have been exposed in a cyberattack on Lee & Lee Country Club, with police suspecting involvement by North Korean state-linked hacking groups.
According to authorities on April 26, the Korean National Police Agency’s security investigation unit notified the golf club on April 17 of a large-scale data breach uncovered during an ongoing probe into North Korean cyber activities.
Police believe the attack may be linked to groups under North Korea’s Reconnaissance General Bureau, including Kimsuky, Lazarus Group, and Andariel.
The golf club confirmed that malicious code was inserted into its website on October 21 last year, leading to the leak of sensitive personal information. Exposed data includes names, dates of birth, gender, login credentials, phone numbers, email addresses, and physical addresses.
Authorities estimate that approximately 100,000 customers were affected.
Police have since removed the malicious code, and the company has implemented additional security measures, including isolating infected files, blocking suspicious uploads, resetting compromised credentials, and upgrading its intrusion prevention systems.
The company warned customers of potential secondary damage such as identity theft, phishing, and voice scams, urging them to change passwords and avoid suspicious links.
Lee & Lee Country Club is operated by Lee & Lee Advisors, an affiliate of Daeryung Group.
알파경제 Ellie Kim 인턴기자(press@alphabiz.co.kr)
