Possibility of Leaked User-Entered Personal Information
Leak Suspected During 2024 DDoS Attacks
It has been confirmed that more than 4.5 million member records from Seoul's public bicycle service "Ddareungi" have been leaked. The leaked data reportedly includes personal information such as names, phone numbers, dates of birth, and addresses.
According to the Seoul Metropolitan Government on January 30, the police currently believe the incident was caused by hacking and are tracking both the perpetrator and the route of the leak.
More than 4.5 million member records of Seoul's public bicycle service "Ddarungi" have been leaked. The police are currently tracking the source and route of the leak. Photo by The Asia Business Daily.
The number of leaked records identified so far is around 4.5 million. Given that the total number of Ddareungi members is about 5 million, this means that the personal information of most users has been compromised.
Since its official launch in October 2015, Ddareungi has operated more than 45,000 bicycles at over 2,800 rental stations throughout Seoul. The cumulative number of members has reached 5 million, and the total number of rides over the past 10 years has reached 250 million. Ddareungi has become a representative public platform in Seoul, serving as a means of transportation during commuting hours as well as for leisure on weekends.
Previously, the Seoul Metropolitan Government stated that names and resident registration numbers were not required when signing up for Ddareungi, so this information was not leaked. However, it appears that any personal information voluntarily entered by members may have been included in this leak.
The police became aware of the incident while investigating another case and discovered the existence of leaked Ddareungi member information. Following this, the Cyber Investigation Unit of the Seoul Metropolitan Police Agency notified the Seoul Facilities Corporation, which operates Ddareungi, by phone about the circumstances of the data leak.
The Seoul Metropolitan Government stated, "It is estimated that the incident occurred around April 2024, during a period when there were frequent DDoS (Distributed Denial of Service) attacks, but no damage reports were received." The police are expected to soon receive server data and other materials from the city for analysis.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![The Special Connection Between the Statue of Martyr Lee Jun in Jangchungdan Park and Mayor Oh Sehoon ③ [Current Affairs Show]](https://cwcontent.asiae.co.kr/asiaresize/319/2026012110001599450_1768957215.jpg)
