Hacking group sells stolen data from medical institutions, educational organizations, online shopping platforms
Published: 07 Jan. 2026, 14:03
Updated: 07 Jan. 2026, 16:06
![A hacking underground newsletter [REUTERS/YONHAP]](https://koreaseafood.online/data/photo/2026/01/07/368ef6d6-a767-4b8a-b201-e1a3ca7c4bc2.jpg)
A hacking underground newsletter [REUTERS/YONHAP]
An unidentified hacking group has been selling stolen data from Korean medical institutions, educational organizations and online shopping platforms through underground hacking forums, the Ministry of Science and ICT and the Korea Internet & Security Agency (KISA) said on Wednesday.
The group has been targeting small-scale websites in particular. Authorities have urged companies and institutions to strengthen their cybersecurity and take extra precautions to prevent additional breaches and the spread of damage.
Hacking forums refer to online communities in which illicit cyber activities take place, such as the sale of stolen data, the distribution of malware and the exchange of hacking methods.
Signs of cyberattacks were discovered on forums between December last year and Jan. 5, according to the ministry and KISA. The agencies have since shared information related to the breaches with affected companies and institutions. A total of 17 entities, including Chungnam National University, were named victims. Coupang was not among them.
Authorities said affected organizations that confirm a breach are to report the incident to KISA under the Act on Promotion of Information and Communications Network Utilization and Information Protection, so the agency can provide technical support, identify the cause and assist with prevention measures.
On Jan. 6, the ministry published a security notice on KISA's cybersecurity portal. The announcement urged chief information security officers and members of the Cyber Threat Analysis & Sharing System, or C-TAS, network to conduct thorough system checks and find and fix any weak spots.
The ministry and KISA said they will continue to increase monitoring of illegal data distribution involving Korean entities on the dark web and hacking forums. They also pledged to support affected organizations with technical aid and long-term prevention planning as part of a broader effort to enhance national cyber defense capabilities.
This article was originally written in Korean and translated by a bilingual reporter with the help of generative AI tools. It was then edited by a native English-speaking editor. All AI-assisted translations are reviewed and refined by our newsroom.
BY CHO MUN-GYU [[email protected]]
with the Korea JoongAng Daily
To write comments, please log in to one of the accounts.
Standards Board Policy (0/250자)