Yes24, Korea’s largest online bookstore and a major player in the ticketing industry, has issued a formal apology from its CEOs and announced the first round of compensation measures following a crippling ransomware attack that shut down its entire system for five days.
Co-CEOs Kim Seok-hwan and Choi Se-ra expressed deep regret on Monday over the disruption that began in the early hours of June 9, paralyzing all of Yes24’s services, including its website, mobile app, book sales and event ticketing.
“We sincerely apologize to all our customers and partners affected by this unprecedented service outage,” the CEOs said. “Yes24 has grown on a foundation of customer trust, and we take seriously the fact that this trust has been shaken. We are mobilizing all available resources to restore services and rebuild that trust.”
As part of its initial compensation plan, Yes24 announced the following measures. Customers who were unable to attend performances due to failed ticket reservations will receive a refund equivalent to 120 percent of the ticket price, issued as store credit by June 20. Customers who experienced delays in book shipments will receive 2,000 reward points, usable like cash on the platform. Expired gift certificates and discount coupons affected by the service outage will be extended.
The company added that additional compensation plans would be announced via its official website.
Yes24 also pledged to strengthen its cybersecurity framework. The joint CEOs stated that the company would “review the entire security infrastructure from the ground up,” establish an external advisory group for security oversight, and expand its cybersecurity budget to enhance resilience and operational reliability.
In its handling of the crisis, Yes24 has faced criticism for sluggish and inconsistent communication.
Although the outage began early Monday, the company did not confirm it was a ransomware attack until Tuesday, initially attributing the issue to “system maintenance.”
In addition, while Yes24 claimed to be working closely with the Korea Internet & Security Agency (KISA), the agency later stated that no formal request for technical support had been made and that only verbal briefings were provided during site visits.
Yes24 later said there had been “internal miscommunication,” explaining that while KISA had visited its headquarters twice, on June 10 and 11, the company was focusing on restoring services as a top priority, and formal collaboration was only discussed after those visits.
The company added that it officially requested technical support from KISA on Thursday, after which a KISA investigation team visited and launched a joint probe.
As of Tuesday morning, major services have been restored, though the English and Chinese-language stores and user reviews on My Page remain unavailable.
hwangdh@heraldcorp.com
