On March 29, 2023, The Lock Bit ransomware gang announced the hack of the South Korean National Tax Service. The group added the South Korean agency to its Tor leak site and announced the release of stolen data by April 1st, 2023 in case the ransom was not paid.
The National Tax Service (NTS) which is mainly in charge of the assessment and collection of internal taxes was established as an external organization of the Ministry of Finance on March 3, 1966. The major functions of National Tax Service are:
The deadline has come and the group has announced the publication of the stolen information.
At the time of this writing the group has yet to publish the stolen data, however, if the hack was real, the stolen data poses a severe risk to the privacy and security of South Korean citizens.
Tax Service agencies collect the personal and financial information of citizens, such data can be exploited by threat actors to carry out a broad range of fraudulent activities, including financial scams and identity theft.
Lockbit continues to be one of the most active ransomware gangs, in March the group added 100 new victims to its Tor leak site.
Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections:
Please nominate Security Affairs as your favorite blog.
Nominate here: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – Lockbit ransomware gang, The South Korean National Tax Service)
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly…
This website uses cookies.