A partner company of Korea Hydro & Nuclear Power (KHNP), South Korea’s sole nuclear power plant operator, suffered a cyberattack, allegedly by North Korean hackers, resulting in the leak of 720,000 files, including nuclear plant-related data.
According to Rep. Choi Min-hee of the Democratic Party of Korea, who serves as chair of the National Assembly’s Science, ICT, Broadcasting, and Communications Committee, the cyberattack targeted KHNP’s partner company, referred to as “Company A.”
The attack occurred in two instances, in September 2020 and again in June of this year, leading to the breach of approximately 720,000 documents. The hacking group responsible is believed to be affiliated with North Korea.
The attack exploited vulnerabilities in the company’s Enterprise Content Management (ECM) system, which was implemented in April 2017 to prevent internal information leaks and protect against malware.
The hackers gained access by obtaining the password for the system’s top-level administrator account, allowing them to steal around 720,000 files, which represent approximately 10.6% of the total 6.77 million documents stored. Among the stolen files, around 110,000 were related to KHNP’s technology.
KHNP stated that the majority of the leaked files pertained to older nuclear plant models and had little connection to newer models such as the APR-1000 and APR-1400. The company assured the public that “the leaked documents do not directly impact nuclear safety and reported no physical damage as a result of the incident.”
Furthermore, KHNP emphasized that physical security measures for its nuclear facilities are robust, reducing the likelihood that external forces could use the leaked data to breach facilities or damage operational systems.
However, Rep. Choi criticized the company’s response, warning, “KHNP claims that no key technologies for newer reactors were leaked, but that may have been a matter of luck. This cyberattack poses not only a technical threat but also a serious risk to national security.”
KHNP announced plans to enhance cybersecurity for its smaller partner companies, which often lack resources for adequate protection, by providing customized institutional support, recommending dedicated security personnel, and raising awareness about cybersecurity risks.
BY HAYJUNE LEE, YOUNGNAM KIM [lee.hayjune@joongang.co.kr]
