Online bookseller and ticketing platform Yes24, a dominant force in South Korea’s e-commerce landscape, was hit by another cyberattack early Monday, just two months after a major ransomware incident. The attack, which began around 4:40 a.m., took the company’s website and mobile app offline for several hours, disrupting service for its vast user base. A Yes24 official confirmed the incident, apologizing to customers and stating that all services were fully restored by 11:30 a.m. This latest breach highlights persistent vulnerabilities within the company’s cybersecurity infrastructure, especially given its public promises to enhance security following the previous attack.
The swift restoration of services stands in stark contrast to the company’s response to the June attack. That incident paralyzed Yes24’s systems for five days, causing widespread disruption to its services, which include book sales, e-books, music, and a major ticketing platform. At that time, the company faced criticism for its slow communication, as it delayed informing users and authorities until media reports brought the outage to light. This time, Yes24 was more proactive, issuing a direct apology and explanation to customers, a move that may have helped mitigate some of the public backlash.
With 20 million registered users, Yes24’s services are an integral part of the daily lives of many in South Korea. The company’s diverse inventory, which includes stationery and tickets for concerts and theater performances, means that any disruption has a broad and immediate impact. The recent outage, while shorter than the last, still caused significant inconvenience, preventing users from accessing their e-books, making purchases, or checking on ticketing information. This recurring pattern of outages raises serious questions about the company’s ability to protect its extensive digital assets and user data.
Following the June ransomware attack, Yes24’s co-CEOs, Kim Seok-hwan and Choi Se-ra, issued a public apology and outlined a plan to overhaul the company’s security measures. They pledged to increase funding for cybersecurity, bring in external experts to strengthen their defenses, and implement more robust protocols. The occurrence of a second, similar attack so soon after these promises were made suggests that these reforms may not have been implemented effectively or quickly enough. It also points to a potential systemic failure in their security architecture that remains unaddressed.
The repeated attacks on Yes24 serve as a cautionary tale for other large-scale digital platforms. The incidents underscore the critical importance of a proactive and comprehensive approach to cybersecurity, particularly for companies that handle sensitive user data and rely heavily on digital infrastructure. For Yes24, the path forward will require more than just apologies and promises. It will demand a transparent and thorough investigation into the vulnerabilities that led to both attacks and a genuine commitment to a long-term strategy for building a resilient and secure platform that can withstand future threats.
Reference: