U.S. Security Firm Ignored Hacker Warnings, Sparking Dark Web Leak

Last updated: October 21, 2025
  • SK Shieldus failed to notice a cyber attack for over a week despite receiving two intrusion warnings from attackers.

  • A report from Rep. Choi Soo-jin on October 20th noted that the security firm received two warnings from an anonymous hacker group on the 10th and 13th of September.

  • Over 24 gigabytes (GB) of Gmail data belonging to a technical sales worker at SK Shieldus was hacked in the incident.

SK Shieldus Neglected Hacker Warnings, Resulting in Dark Web Data Leak

SK Shieldus, a US-based security company originating from South Korea with headquarters worldwide (including the US), fell victim to a ransomware hack conducted by the hacker group Blackshrantac. SK Shieldus reportedly neglected the breach for a week, even after receiving two intrusion warnings from Blackshrantac.

BlackShrantac further published photos of some of the stolen files, proving its access to certain sensitive files of the security company.

SK Shieldus initially explained that only a digital environment (honeypot) had been attacked, but it appeared that the breach included documents associated with actual work.

SK Shieldus Ransomware Breach

SK Shieldus established a honeypot, a digital environment to attract cyber attackers, on September 26th, 2025. The company set up this system intentionally to monitor and identify hackers’ patterns.

Unfortunately, the testing process stopped when a hacker infected an employee’s personal email account with malware. Blackshrantac then used this cyber breach to send two warning emails to SK Shieldus, but the security firm neglected them. SK Shieldus denied the claims of the breach, declaring that the honeypot environment was functioning normally.

Further investigations revealed an unforeseen vulnerability in the system, which led to Blackshrantac’s successful hack.

SK Shieldus became aware of the incident on October 17th, confirming that internal documents connected to the firm had been published on the dark web. Eventually, SK Shieldus reported the cyber attack to the Korea Internet & Security Agency (KISA), one week after receiving the warnings from the attackers.

The firm later responded to criticism over the delayed report, stating that it recognized the cyber damage on the 17th and reported the leak within 24 hours, on the 18th.

How the Attack Occurred

Investigations found that an SK Shieldus technical sales employee’s personal account had signed in automatically on a virtual machine (VM) linked to the honeypot.

Hackers stole 24 gigabytes (GB) of Gmail data belonging to an SK Shieldus technical sales employee during the incident. Reports say the leak included a large amount of work-related content, such as technical security information.

SK Shieldus is a technology firm that prioritizes mobile and web app security. The tech giant specializes in offering detailed security solutions via the use of Artificial Intelligence (AI) algorithms to spot and mitigate possible threats. The firm’s services include code review, vulnerability assessments, and penetration testing to aid companies in protecting their virtual assets adequately.

Some of SK Shieldus’ clients potentially affected by the leak include SK Telecom, semiconductor companies, public institutions, and financial organizations. Thus, there is a possibility of more significant damage due to the incident.

This incident with SK Shieldus has shown the increasing need for proactive cybersecurity measures going forward.

The data leaked by Blackshrantac included SK Shieldus’ security technical files, system diagrams, customer details, HR and payroll information, and API authentication keys.

About the Author

Buxyen O

Privacy Specialist & Security Architect

Buxyen is a privacy specialist dedicated to building and deconstructing secure digital environments. He combines hands-on testing with deep technical analysis to evaluate privacy tools, from VPNs and anonymous networks to secure communication protocols. His work provides a clear, practical framework for individuals and organizations aiming to architect a robust, privacy-first digital life.
