DK-Lok, an industrial supplier based in South Korea, joins the ranks of companies who experienced data security breaches. The industrial contract reportedly suffered from a data breach, revealing global enterprise client data.
According to ZD Net, DK-Lok is an industrial company which supplies a variety of materials for clients around the globe. Most of these supplies include fittings, pipes, semiconductor regulators, and valves. Some of its clients include customers from the United States and Europe.
Cybersecurity researchers from vpnMentor, Noam Rotem and Ran Locar, detected the data breach affecting the South Korean company. In their report, the researchers disclosed they found the breach on DK-Lok’s emailing platform. The leak was located in the company database.
Researchers gained access to DK-Lok’s email platform, thereby seeing internal and external company communications. Some of the data retrieved by the cybersecurity team ranged from staff emails, client communications, and personal emails. The personal emails received on the work address include promotional materials and newsletters sent by hotel operators, notes ZD Net.
vpnMentor states the correspondences contained private and confidential information, most of which discussed the operations of the company. Product discussions and client relations also became compromised in the breach.
Private correspondences between DK-Lok employees and clients include product prices, quotations, project bids, travel arrangements, and more.
Communications with global enterprise clients spanned over 10 countries. vpnMentor reveals some clients hailed from Australia, Brazil, Canada, Egypt, France, Germany, Iran, Israel, Italy, Jordan, New Zealand, and Portugal. Meanwhile, other clients came from Russia, South Africa, South Korea, Turkey, and the United States of America.
Apart from sensitive client information, personal client and employee information also became compromised by the vulnerability in the company’s platform. Some of the information includes the full names of both employees and clients, email addresses, employee usernames, and phone numbers. Details of professional events and conventions attended by DK-Lok staff were also disclosed.
Meanwhile, personal correspondences contained Alibaba orders and spam/junk mail from Viagra and hair growth products.
Implications of the data breach mainly affect client relations and reputational damage from the side of DK-Lok. Researchers believe this massive leak could put a strain on the firm’s performance and client trust.
Both the researchers from vpnMentor and writers from ZD Net reached out to the South Korean company. However, despite constant emails and communications attempts, DK-Lok failed to issue a statement or comment on the incident. Correspondences sent by both parties were placed in the trash bin.