Major hospital in Seoul breached by North Korean hackers
Take action: Healthcare is an industry controlling the most sensitive of our data - health, history, detailed Personal Data. In such a data breach you can be a victim of social engineering, scams and even extortion with a confidential medical condition. Be very mindful of scams and be prepared to collaborate with police in case of extortion.
Learn More
The network of Seoul National University Hospital (SNUH), one of South Korea's largest hospitals, was breached by North Korean hackers who aimed to steal sensitive medical information and personal data, according to the Korean National Police Agency (KNPA). The intrusion took place between May and June 2021, and the police conducted a two-year investigation to identify the culprits.
The attack was attributed to North Korean hackers based on observed intrusion techniques, IP addresses linked to North Korean threat actors, website registration details, and the use of specific language and vocabulary. The attackers utilized seven servers in South Korea and other countries to carry out the attack. Approximately 831,000 individuals, mostly patients, had their data exposed, along with 17,000 current and former hospital employees. The KNPA warned that North Korean hackers may target information and communication networks in various industries, emphasizing the need for enhanced security measures. The KNPA pledged to protect South Korea's cybersecurity by mobilizing security capabilities and collaborating with related agencies. This incident is reminiscent of previous North Korean hacking operations which targeted healthcare organizations and ransomware attacks on South Korean entities.
