Yes24: “Books, tickets, etc.scheduled to resume today, emergency response in progress” [Full text]

Online bookstore Yes24 has announced its response to the ransomware incident.

Yes24 has been experiencing connection errors for the fifth day in a row due to a ransomware failure since the early morning of the 9th.All Yes24 services(books, tickets, eBook, electronic library, etc.) are down.Actor Park Bo-gum, band Day6, group Enhypen, and singer B.I, who had been preparing events using Yes24 as a reservation site, were hit hard.

Regarding this, Yes24 announced, “Since the accident, we have been making every effort to normalize services by activating an accident response team centered around the company’s CEO.We plan to resume some services, such as books and tickets, this afternoon(the 13th).” They added, “Other services, including e-books, are expected to be available sequentially thereafter.We will quickly announce the detailed service resumption schedule through our website and SNS as soon as it is confirmed.”

They said, “Currently, we are maintaining an emergency response system so that this incident can be resolved as quickly as possible, and all of our executives and employees are doing their best, and we are making every effort, including receiving assistance from external experts in each field.We once again sincerely apologize for the inconvenience caused to customers who trust and use Yes24.We will conduct a thorough security check of the entire system and data, and establish the highest level of cyber defense measures to prevent similar failures from recurring in the future.”

Yes24 has corrected some of their previously announced statement and stepped forward to explain.They said, “We would like to explain why there were parts of our previously announced statement that were different from the facts, such as ‘cooperating with KISA.’ We stated that we were ‘doing our utmost to analyze the cause and work on recovery in cooperation with KISA,’ but this was an error caused by confusion in our internal understanding and communication process.” They continued, “As the resumption of service was our top priority, we were focusing on the situation, so we visited KISA twice, on Tuesday, June 10th and Wednesday, June 11th, and we discussed starting full-scale cooperation once the situation was somewhat resolved.We understood that the investigation had begun without a separate request for technical support regarding this matter.We ask for your understanding on this matter.”

In the meantime, he said, “We requested technical support from KISA on the 12th(Thursday)regarding the ransomware investigation, and KISA investigation team visited our company in the afternoon of the same day to begin a joint investigation.We ask for your understanding as it is difficult to provide a detailed explanation regarding the cause of the accident, etc.as it may affect KISA’s investigation and the police investigation.”

Yes24, System Phased Recovery and Service Resumption Notice

We’d like to provide you with an update regarding the resumption of service, as well as other details regarding our ongoing incident response.

Since the accident, we have been working hard to normalize services by activating the accident response team centered around the CEO of the company.We plan to resume some services, including books and tickets, this afternoon(the 13th).Other services, including e-books, are expected to be available sequentially thereafter.

We will provide detailed information on the service resumption schedule as soon as it is confirmed through our website and SNS.

Currently, all of our executives and employees are doing their best to maintain an emergency response system so that this incident can be resolved as quickly as possible, and we are making every effort, including receiving assistance from external experts in each field.

We sincerely apologize once again for the inconvenience caused to our customers who trust and use Yes24.We will conduct a thorough security check of the entire system and data and establish the highest level of cyber defense measures to prevent similar failures from recurring in the future.

In addition, we would like to explain that there are some parts of the previously announced statement regarding ‘cooperation with KISA’ that are inaccurate.

They stated that they were ‘doing their utmost to analyze the cause and carry out recovery work in cooperation with KISA’, but this was an error that occurred due to confusion in the internal understanding and communication process.

Since the resumption of service was the top priority and we were focusing on the situation, KISA visited us twice on Tuesday, June 10th and Wednesday, June 11th, and we discussed starting full-scale cooperation once the situation was somewhat resolved.I understand that the investigation was launched without a separate request for technical support.We ask for your understanding on this matter.

We requested technical support from KISA on the 12th(Thursday)regarding the ransomware investigation, and KISA investigation team visited our company in the afternoon of the same day to begin a joint investigation.

We ask for your understanding as we cannot provide a detailed explanation regarding the cause of the accident, etc., as this may affect KISA’s investigation and police investigation.

Reporter Jeong com -yeon, Donga.com shine2562@donga

This article is automatically translated using Google AI. If you notice any inaccuracies, please let us know at allkstar@donga.com.