Prior to the hacking incident of SK Telecom, SK Group's U.S. subsidiary was also identified as a target of cyberattacks and threats from a ransomware hacker organization. SK Group stated that there was no damage from the leak of important information to the outside due to immediate actions.
According to security industry and business sources on the 1st, SK Group's U.S. subsidiary, SK Americas, was attacked by ransomware at the end of March. Ransomware is a compound word derived from the English word "ransom," meaning a price paid for the release, and "ware," referring to products, which involves threatening the targeted companies or institutions to disseminate leaked information if monetary compensation such as Bitcoin is not provided.
SK Americas is an organization established last year as the control tower for SK Group's North American external cooperation. Hackers known as the Qilin ransomware hacker group are reported to have attacked the servers of SK Americas' New York office.
The hackers claiming to have attacked SK Americas posted on the dark web on the 10th of last month (Korean time) that they had extracted files amounting to 1 terabyte (TB) from the SK Group server. They presented a deadline of 48 hours, claiming it was to prevent the public disclosure of data, but did not release any data samples aside from the threat message. After the 48 hours passed, no further activities such as the public release of the stolen information or additional attacks were observed.
A local official from SK Group stated, "Immediately after the hacker's threat, we reported it to U.S. law enforcement and completed all measures to prevent damage," adding, "Since it was a server unrelated to technology or customer information, no leakage of important information occurred." The domestic security industry believes there is no correlation between the cyberattack on SK Americas and the recently identified hacking of SK Telecom.