* This is a partial quote from an Asiae Economy article.
https://view.asiae.co.kr/article/2026011210253692372
https://v.daum.net/v/20260112110322438
According to Asiae Economy coverage on the 12th, Kyowon Group suffered a ransomware attack in the early hours of the 10th, resulting in homepage access failures and internal system errors across all affiliates. According to a breach incident report obtained by Asiae Economy from the Korea Internet & Security Agency (KISA), this incident was a ransomware infection that spread throughout the affiliates after the attacker infiltrated the internal system through an exposed server.
The report states that the attacker used an open external port as a base to further penetrate the internal system and moved along the network between affiliates, causing damage to spread across all affiliates. In this process, access disruptions occurred to major services and internal databases (DB).
Affiliates that reported the breach incident to KISA included ▲Kyowon ▲Kyowon Kumon ▲Kyowon Wiz ▲Kyowon Life ▲Kyowon Tour ▲Kyowon Propertee ▲Kyowon Healthcare ▲Kyowon Startwon, encompassing most of Kyowon Group's core affiliates.
The report also explicitly mentions that there were threats after the ransomware infection, and a police report has not yet been filed.
Due to this hacking incident, most computer networks, including Kyowon Group's internal authentication and management system KSS (Kyowon Super Star), have been blocked and are unusable. As of this morning, a service outage notice stating "Web service use is not smooth due to unexpected failures" was posted on the homepages of Kyowon Group and several affiliates.
[The rest of the content is omitted]