KISTI SMART K2C Database Breach: 7.79 Million Users' Data Exposed

In a concerning development for the cybersecurity landscape, the Korea Institute of Science and Technology Information (KISTI) has become the latest victim of a significant data breach. The breach, which was brought to light by the notorious hacker known as IntelBroker, exposed sensitive information of nearly 7.79 million users from KISTI's SMART K2C platform.

Company Overview

KISTI, the Korea Institute of Science and Technology Information, is a prominent research institution dedicated to advancing science and technology in South Korea. Established in 1962, KISTI serves as a pivotal hub for information and data in various scientific domains, providing cutting-edge computational resources, data analysis, and specialized knowledge services to researchers and policymakers. One of KISTI's significant initiatives is the SMART K2C platform, a knowledge-sharing and collaboration tool designed to facilitate scientific research and innovation. SMART K2C enables researchers to access a vast repository of scientific data, collaborate on projects, and engage in knowledge exchange, making it a cornerstone of KISTI's mission to advance scientific discovery.

Breach Details

In late April 2024, a post appeared on BreachForums, a notorious underground forum known for its association with cybercriminal activity. The post, authored by IntelBroker, announced the availability of a database belonging to KISTI's SMART K2C platform. The breach reportedly took place in May 2024 and resulted in the exposure of highly sensitive user data, including registration numbers, full names, physical locations, dates, and role holder categories.

This breach is particularly alarming due to the nature of the data compromised. The exposure of registration numbers and detailed personal information can lead to severe consequences, including identity theft, unauthorized access to sensitive resources, and potential blackmail. For an institution like KISTI, which plays a crucial role in national and international scientific research, such a breach could undermine trust in its systems and compromise ongoing research projects.

Threat Actor Profile: IntelBroker

IntelBroker is a well-known figure in the cybercriminal community, frequently associated with high-profile data breaches and the sale of stolen data. Operating primarily on BreachForums, IntelBroker has built a reputation for targeting organizations with valuable data and offering the compromised information to the highest bidder or releasing it to the public as a demonstration of their capabilities.

IntelBroker's tactics often involve exploiting vulnerabilities in web applications, databases, and network security infrastructures. The hacker's activities have been linked to several other significant data breaches in the past, making IntelBroker a persistent threat to organizations across various sectors.