South Korea's financial sector hit by large-scale ransomware attack, data stolen from 28 institutions

Jinse Finance reported that South Korea's financial sector recently suffered a serious cybersecurity incident. The Qilin ransomware group attacked a managed service provider (MSP), successfully infiltrating the systems of 28 financial institutions and stealing over 1 million files and 2TB of data. The attackers named the incident "Korean Leaks," carrying out the attack in three waves, mainly targeting South Korean asset management companies. Security experts suspect that the attack may be linked to the North Korean hacker group Moonstone Sleet. When publishing information on a data leak website, the attackers not only demanded ransom but also claimed they would expose "systemic corruption" and "evidence of stock market manipulation," attempting to create panic in the South Korean financial market.