The hacking of Yes24, the largest Internet bookstore in Korea, has blocked access to its website for four days, increasing inconvenience among consumers.
Yes24 said it is doing its best to restore it, but it seems to be even suffering from criticism as it refuses to support cybersecurity authorities in solving problems.
According to the industry on the 12th, Yes24 apps and homepages have been in service for four days due to hacking attacks on the 9th. Yes24 understands that major parts such as “server setting files” that control the operation of the server and “script files” running on the server have been hit. If a server configuration file or script file is attacked, the main server will be inaccessible.
In addition, the backup server is also known to have been directly or indirectly affected by hacking. A Yes24 official said, “The backup server is not being activated properly.”
The security industry explains that if the main server is hacked, it will be restored in about a day at the latest. However, as even the backup server is affected by hacking, the recovery operation seems to be taking longer than expected.
Yes24 is a powerhouse in Internet bookstores with more than 20 million members. It is a major affiliate of Hanse Yes 24 Holdings along with clothing company Hanse Industrial. Last year, sales were 671.4 billion won and operating profit was 16.2 billion won.
Yes24 is dividing the market with Kyobo Bookstore, but trust seems to have fallen to the bottom due to this incident. This is due to a series of cancellations of performances as well as book orders. Each local government library that receives e-book services through Yes24 is also experiencing inconvenience.
![Seongdong District Library website. [Photo source = Seongdong-gu Library]](https://i0.wp.com/nationalcybersecurity.com/wp-content/uploads/2025/06/news-p.v1.20250612.c6b7e8a796ca4568847e3e7b0e35b627_P1.png?w=1150)
Social networking services (SNS) have complaints about Yes24, such as “all personal information is leaked, sales figures and sales are likely to be problematic,” and “What happens to the e-book collection?”
In particular, Yes24 is causing criticism by making a false position that it is cooperating with the authorities while refusing to support cybersecurity authorities in solving problems.
On the same day, the Korea Internet & Security Agency (KISA) refuted Yes24’s position the day before, saying that it is different from the truth.
In the second statement of the hacking incident issued by Yes24, he said, “We are making all-out efforts to analyze and recover the cause in cooperation with KISA.”
Yes24 issued a statement the day before and said, “Currently, Yes24 Chief Security Officer Kwon Min-seok and related departments are working with KISA to analyze and recover the cause.”
In response, KISA explained that it dispatched accident analysis staff to Yes24 headquarters twice on the 10th and 11th to understand the hacking situation, but Yes24 did not cooperate with technical support only after hearing brief verbal explanations during the first visit.
Critics say that the government is in a hurry to “shush” rather than show a willingness to resolve the situation quickly by trying to solve the problem only internally while refusing to support the authorities.
An official from the security industry said, “It is not a legal obligation to receive recovery support from the authorities,” but added, “It is difficult to understand that Yes24 is refusing KISA support because it has not been able to solve the service failure caused by hacking for four days.”
Meanwhile, Yes24 announced that it has deployed more than 10 safety personnel and is working on restoration work day and night.
Yes24 said, “We expect to be able to restore the admission processing system at the performance site within 12 days as a top priority. Each other service will be restored sequentially within a day or two, and we expect it to normalize within Sunday at the latest.”
In addition, he added that he is preparing a compensation plan for customers who have been affected by the hacking incident.
