HQ/EMEAFind out how we can help your business
Seoul National University Hospital (SNUH), one of South Korea’s largest healthcare organisations, has suffered a data breach attack from North Korean hackers. The attackers have allegedly stolen personal details and critical medical information.
Based on reports, the attack happened between May and June a couple of years ago, and law enforcement agencies have investigated since 2021 to identify the attackers. The investigation revealed that the attack came from a North Korean threat group.
The investigators based their conclusion on the attacker’s IP addresses, which were exclusive to North Korean hackers, the website registration details, and the use of language from North Korean vocabulary.
Kimsuky is the perpetrator of the attack against Seoul National University Hospital (SNUH).
The initial report from the police has not confirmed the attackers’ identities. Still, local media in South Korea linked the cybercriminal campaign on Seoul National University Hospital (SNUH) to the Kimsuky hacking group.
The media revealed that the attackers utilised seven servers in South Korea and other countries to deploy the cyberattack on the hospital’s internal network. The authorities added that the incident resulted in the leak of more than 800,000 individuals’ data. 17,000 of the impacted people are current and former hospital personnel.
The press release warned South Korean organisations that the North Korean hacker groups might try to breach various entities’ data and communication networks. The notification also reminds organisations to increase the strength of cybersecurity. Experts explained that organisations should implement security patches, data encryption, and management system access.
The South Korean government has also planned to respond to malicious cyberattacks sponsored by the national government actively. The country will try to mobilise their security capabilities ad firmly defend South Korea’s cyberspace by preventing additional damage through collaboration and information sharing with other agencies.
North Korean hackers are known for attacking hospital networks to steal sensitive information and extorting ransom payments from healthcare institutions. The US government has also been the subject of these attacks, which warned its organisations to raise their cybersecurity standards to prevent the intrusion of such threats.
