GS Retail confirmed on the 27th that there were indications of personal information leakage involving 1.58 million cases on its home shopping website. Last month, personal information of over 90,000 individuals was leaked from the convenience store website due to a hacking attack.
GS Retail explained, "Last month, we discovered suspicious activity where numerous logins were attempted on our website using IDs and passwords leaked from other sites. Upon analysis, we recognized that personal information of customers had been leaked from the convenience store website and sent notification texts to the affected customers."
They added, "We expanded the scope to all internet sites we operate and, as a result of additional analysis of logs from the past year, confirmed indications of the leakage of approximately 1.58 million personal information cases on the home shopping website from June 21 of last year to the 13th of this month through the same methods."
The leaked personal information presumed to have been obtained through the home shopping website includes 10 items: ▲ Name ▲ Gender ▲ Date of birth ▲ Contact information ▲ Address ▲ User ID ▲ Email ▲ Marital status ▲ Wedding anniversary ▲ Customs unique identification number.
GS Retail confirmed that financial information, such as membership points and payment methods, was not leaked. GS Retail immediately blocked the IPs (Internet Protocols) and attack patterns attempting to hack and locked the home shopping website accounts to prevent logins.
They then strengthened the identity verification process during logins and sent messages recommending password changes. GS Retail established a cybersecurity measures committee, involving top executives, to swiftly address this incident and committed to operating the committee permanently to prevent recurrence.
Plans are also in place to establish comprehensive response measures, including increasing investment in information protection, adopting the latest information protection technologies, upgrading systems, and reinforcing security policies and specialized security personnel.
GS Retail stated, "We sincerely apologize once again to our customers for the trust placed in us and will do our utmost to restore that trust," and promised to cooperate sincerely with investigations by relevant agencies to prevent further damage and ensure transparent communication with customers and stakeholders.