Kyowon Group hit by ransomware attack
Incident
Summary
Hide ▲
Show ▼
The Kyowon Group confirmed a ransomware attack that disrupted operations and led to customer data exfiltration, creating immediate availability and exposure risk. The incident occurred in January around 10 a.m. and was disclosed on 2026-01-14. Kyowon said it was restoring services while the final customer-impact scope remained under investigation. Korean media reported that roughly 600 of 800 servers were affected.
Related Happenings
Seoul Metropolitan Police raid on Coupang breach records
Law Enforcement
First: 26.01.2026 15:00
Last: 26.01.2026 15:00
Sources 1
About this happening:
**Seoul Metropolitan Police Agency** raided **Coupang’s headquarters in southern Seoul** to search for **internal documents and records related to the breach**, escalating the off...
Seoul Metropolitan Police raid on Coupang breach records
Law EnforcementAbout this happening: **Seoul Metropolitan Police Agency** raided **Coupang’s headquarters in southern Seoul** to search for **internal documents and records related to the breach**, escalating the off...
Kyowon Group external data leak affecting customer data
Data Leak
First: 14.01.2026 23:49
Last: 14.01.2026 23:49
Sources 1
How related:
The KyoWon Group has confirmed the existence of an external data leak and is conducting a detailed investigation in cooperation with relevant authorities and security experts to determine whether customer information was actually included.
About this happening:
**Kyowon Group** confirmed an **external data leak** tied to its **January 2026** ransomware incident, creating a real risk that **customer information** was exposed. The company...
Kyowon Group external data leak affecting customer data
Data LeakHow related: The KyoWon Group has confirmed the existence of an external data leak and is conducting a detailed investigation in cooperation with relevant authorities and security experts to determine whether customer information was actually included.
About this happening: **Kyowon Group** confirmed an **external data leak** tied to its **January 2026** ransomware incident, creating a real risk that **customer information** was exposed. The company...
Korean Air employee data leak via KC&D breach
Data Leak
First: 29.12.2025 15:08
Last: 29.12.2025 15:08
Sources 1
About this happening:
The airline disclosed a **data breach** that exposed employee **names** and **bank account numbers**, creating fraud and impersonation risk for **Korean Air** staff. The leak foll...
Korean Air employee data leak via KC&D breach
Data LeakAbout this happening: The airline disclosed a **data breach** that exposed employee **names** and **bank account numbers**, creating fraud and impersonation risk for **Korean Air** staff. The leak foll...
Timeline
-
14.01.2026 02:00 2 articles · 4mo ago
Kyowon confirms ransomware attack and data exfiltration
Initial DisclosureKyowon Group confirmed a ransomware incident affecting its South Korean operations, saying the cyberattack disrupted services, some data was stolen, and customer information may have been exposed while the company investigates whether personal data was included. The company said it learned its systems had been targeted in a suspected ransomware attack earlier this week, notified Korea’s Internet & Security Agency (KISA), and is restoring online services that were reported to be in the final stages of recovery.
Show sources
- South Korean giant Kyowon confirms data theft in ransomware attack — www.bleepingcomputer.com — 14.01.2026 23:49
- South Korean giant Kyowon confirms data theft in ransomware attack — www.bleepingcomputer.com — 14.01.2026 23:49