Kim Su-jeong reports:
The Personal Information Protection Commission announced on the 24th that it imposed a penalty surcharge of 343 million won [USD $250,136.73] on HAESUNG DS, a semiconductor parts company, after it left vulnerabilities in its network security equipment unattended, resulting in a hacker attack that leaked personal information of over 70,000 shareholders.
According to the commission, the hacker exploited a vulnerability in the security device (SSL-VPN) operated by HAESUNG DS in October 2023, logged into the virtual private network (VPN), and accessed its internal network. After that, the hacker leaked personal information of 73,975 individuals, including shareholders, employees, and partner company staff, stored on the internal file server, and infected files on the internal file server with ransomware.
Read more at Chosun Biz.