[Weekly Security Trends] 'Startup for All' Hacking Incident: Ideas of 5,000 Applicants Leaked, Among Others

The 'Modu-ui Chang-eop' (Startup for All) project, a national startup audition initiative run by the Ministry of SMEs and Startups (MSS) and operated by the Startup Promotion Agency, has suffered a significant data breach. Personal information and idea summaries of 5,000 first-round applicants were leaked after the project's system was compromised.

The incident reportedly stemmed from a cyberattack on a domestic AI solution provider that was supporting the project's backend systems. Hackers allegedly used AI technology to mimic legitimate credentials, exploiting an API to steal encrypted information. While the leaked data includes email addresses, idea summaries, and review comments, the MSS confirmed that applicants' real names, phone numbers, and detailed idea content have not been compromised.

In response, the MSS has notified the affected individuals and reported the incident to the Korea Internet & Security Agency (KISA). Immediate measures included blocking unauthorized access and reinforcing security features. A joint investigation involving the National Intelligence Service and the Personal Information Protection Commission is underway. The ministry is also providing comprehensive support to mitigate the impact on applicants, offering free registration for business plans, free technology escrow services for one year upon business registration, and one-on-one consultations with legal experts.

Meanwhile, a separate supply chain attack has impacted Tata Electronics, a key supplier for Apple and Tesla. The ransomware group 'World Leaks' claims to have stolen approximately 630 gigabytes of internal data, including design blueprints and material specifications for Apple products. Tata Electronics acknowledged a cyberattack on its IT infrastructure but stated that company operations remain unaffected. This incident highlights the growing threat of supply chain attacks targeting manufacturers globally.

“

We sincerely apologize to the users who have experienced worry and inconvenience due to this incident. As the minister in charge, I feel a heavy responsibility and deeply regret that we could not protect the trust of those who challenged entrepreneurship with faith in the government.