Seoul—A North Korean hacking group has extracted approximately 1,014 gigabytes of data from a South Korean court's computer network over a two-year period, according to the results of a joint investigation revealed on Saturday. The breach, which spanned from January 2021 to February 2023, involved sensitive personal details including names, registration numbers, and financial records.
According to Philippine News Agency, prosecutors, and the National Intelligence Service, the hacking operation is attributed to the Lazarus group, a well-known North Korean cyber unit. The investigators linked the cyberattacks to North Korea based on the nature of the malicious software used, the methods of payment for server leases involving cryptocurrencies, and the origin of IP addresses used during the attacks.
Despite the vast amount of data compromised, the investigative team has so far managed to identify only about 5,171 files, totaling 4.7 gigabytes, which represents a mere 0.5 percent of the total data leaked. This situation has highlighted significant vulnerabilities in the security management and response protocols of the judiciary.
In response to the breach, authorities have taken steps to mitigate further damage. The compromised files have been secured and provided to the court administration, and individuals affected by the data leak have been notified.
The police launched their investigation in December following an internal review by the court, which began after initial detections of malicious code in the network.