The Personal Information Protection Commission announced on the 28th that it has launched an investigation following a report that personal information was leaked at KS Korea Employment Information, a call center service provider.
A Personal Information Protection Commission official noted, "A report of a personal information leak was received from KS Korea Employment Information on the 22nd," and added, "We are currently determining how the company is responding to the situation."
The Personal Information Protection Commission is expected to verify whether the security measures required by the Personal Information Protection Act to prevent data leaks were appropriate, as well as the circumstances of the leak, the categories and scale of the leaked data, and the legality of the reporting procedures.
Previously, KS Korea Employment Information confirmed through a notice on its website that "personal information in the personnel management system was leaked by a hacker on the 19th" and stated, "After recognizing the leak, we immediately isolated the system and are currently conducting additional security measures."
The company emphasized, "There is a risk of secondary damage, such as identity theft, voice phishing, and phishing, using the leaked personal information, so we urge all employees to change their passwords and report any suspicious calls or emails that may indicate misuse of personal information."
According to the security industry, on the dark web, data related to KS Korea Employment Information, amounting to 22GB, is being sold for 20 million won, and it is reported that the data includes names, phone numbers, addresses, resident registration numbers, and resumes with attached photographs.