'CU Convenience Store Parcel Service' Personal Information Leak... 'Hacking Confirmed, Immediate Action Taken'

[Financial News] BGF Networks, which operates the CU Convenience Store Parcel Service, has suffered a customer personal information leak.
According to the industry on the 6th, BGF Networks said in a notice on its website the previous day that it had confirmed signs that an unidentified hacker had gained unauthorized access to its system and leaked customer personal information on the 4th.
BGF Networks said it became aware of the incident at around 3:30 p.m. on the 4th. An investigation found that an external intrusion had exploited a vulnerability in the website.
The leaked information was reported to be customer data from online members. It included names, mobile phone numbers, email addresses, addresses, gender, IDs, one-way encrypted passwords and connection information (CI). The company explained that third-party information entered for shipping, such as recipient details, was not included in the leak.
BGF Networks said it blocked the attack IP and completed corrective measures immediately after discovering the incident. It also activated its incident response team, strengthened monitoring for signs of system anomalies and began revising its security policies. The company has also reported the case to the Personal Information Protection Commission (PIPC), the Korea Internet & Security Agency (KISA) and other relevant authorities.
BGF Networks said, "We deeply feel responsible for failing to safely protect our customers' valuable information, and we sincerely apologize."
The company said that although passwords are encrypted, customers who use the same password on other sites should change them for safety. It also urged caution against clicking URL links in phone calls or text messages from unknown sources, as well as requests for financial information from people impersonating the company.

425_sama@fnnews.com Choi Seung-han Reporter