Korean cops charge teens over bike hire breach that exposed data on 4.62M riders
(2026/02/24)
- Reference: 1771934029
- News link: https://www.theregister.co.uk/2026/02/24/korean_bike_breach_charges/
- Source link:
Two South Korean teenagers were this week charged with breaching Seoul's public bike service, Ttareungyi.
Identified only as Persons A and B, the pair, now of high school age, allegedly carried out the attack on Ttareungyi in June 2024 and stole data belonging to most of the service's registered users.
Officials said the leak affected 4.62 million people and with Ttareungyi reportedly having around 5 million registered users, that amounts to roughly 90 percent of all users.
[1]
Person A carried out the attack that gained access to the data trove, while Person B was the one who suggested downloading it, police said. The information included user IDs, phone numbers, [2]home addresses , email addresses, dates of birth, genders, and weights.
[3]
[4]
The Cyber Investigation Unit of the Seoul Metropolitan Police Agency confirmed the charges on Monday, saying the pair carried out the attack while still in middle school.
Police said they arrested the two teens on suspicion of violating the Information and Communications Network Act, and referred their case to the public prosecutor. They are not currently being detained pre-trial, although police twice sought to detain Person A, requests that were denied owing to their age.
[5]
The pair met on Telegram and bonded over their shared interest in information security, according to the announcement. Person B allegedly told the police that they carried out the attack to test and demonstrate their skills, while Person A exercised their right to remain silent.
[6]Suspected Anonymous members detained in Spain over post-flood DDoS blitz
[7]AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign
[8]Attacker gets into France's database listing all bank accounts, makes off with 1.2 million records
[9]PayPal app code error leaked personal info and a 'few' unauthorized transactions
Their involvement in the Ttareungyi hack was only uncovered as part of a separate investigation into what police describe as a [10]DDoS attack on a private mobility rental company in April 2024, allegedly carried out by Person B.
After seizing the minor's devices, police found evidence linking them to the Ttareungyi strike and the identity of Person A, the [11]Chosun news outlet reported.
Officials notified Seoul Facilities Corporation, a government-owned company that oversees the Ttareungyi program, in January 2026 about their intention to investigate the public body regarding the security of its systems, according to [12]Korea Times .
Police said there is no evidence the compromised data has been leaked or sold, although investigators believe the pair's intention was to profit from the theft. ®
Get our [13]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aZ3ZM3q8HkUz349Gi53kVgAAARE&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://www.theregister.com/2016/07/20/silver_tongue_hacker_shows_how_one_home_address_can_lead_to_ruin/
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aZ3ZM3q8HkUz349Gi53kVgAAARE&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aZ3ZM3q8HkUz349Gi53kVgAAARE&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aZ3ZM3q8HkUz349Gi53kVgAAARE&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[6] https://www.theregister.com/2026/02/23/anonymous_arrests_spain/
[7] https://www.theregister.com/2026/02/23/aws_fortigate_firewalls/
[8] https://www.theregister.com/2026/02/22/french_bank_hack/
[9] https://www.theregister.com/2026/02/20/paypal_app_code_error_leak/
[10] https://www.theregister.com/2026/02/23/anonymous_arrests_spain/
[11] https://www.chosun.com/english/national-en/2026/02/23/X4AOVZXXORHNLI5P5BOHMRZQRY/
[12] https://www.koreatimes.co.kr/southkorea/society/20260130/seouls-ttareungyi-public-bike-service-under-probe-for-data-leak-of-45-million-users
[13] https://whitepapers.theregister.com/
Identified only as Persons A and B, the pair, now of high school age, allegedly carried out the attack on Ttareungyi in June 2024 and stole data belonging to most of the service's registered users.
Officials said the leak affected 4.62 million people and with Ttareungyi reportedly having around 5 million registered users, that amounts to roughly 90 percent of all users.
[1]
Person A carried out the attack that gained access to the data trove, while Person B was the one who suggested downloading it, police said. The information included user IDs, phone numbers, [2]home addresses , email addresses, dates of birth, genders, and weights.
[3]
[4]
The Cyber Investigation Unit of the Seoul Metropolitan Police Agency confirmed the charges on Monday, saying the pair carried out the attack while still in middle school.
Police said they arrested the two teens on suspicion of violating the Information and Communications Network Act, and referred their case to the public prosecutor. They are not currently being detained pre-trial, although police twice sought to detain Person A, requests that were denied owing to their age.
[5]
The pair met on Telegram and bonded over their shared interest in information security, according to the announcement. Person B allegedly told the police that they carried out the attack to test and demonstrate their skills, while Person A exercised their right to remain silent.
[6]Suspected Anonymous members detained in Spain over post-flood DDoS blitz
[7]AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign
[8]Attacker gets into France's database listing all bank accounts, makes off with 1.2 million records
[9]PayPal app code error leaked personal info and a 'few' unauthorized transactions
Their involvement in the Ttareungyi hack was only uncovered as part of a separate investigation into what police describe as a [10]DDoS attack on a private mobility rental company in April 2024, allegedly carried out by Person B.
After seizing the minor's devices, police found evidence linking them to the Ttareungyi strike and the identity of Person A, the [11]Chosun news outlet reported.
Officials notified Seoul Facilities Corporation, a government-owned company that oversees the Ttareungyi program, in January 2026 about their intention to investigate the public body regarding the security of its systems, according to [12]Korea Times .
Police said there is no evidence the compromised data has been leaked or sold, although investigators believe the pair's intention was to profit from the theft. ®
Get our [13]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aZ3ZM3q8HkUz349Gi53kVgAAARE&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://www.theregister.com/2016/07/20/silver_tongue_hacker_shows_how_one_home_address_can_lead_to_ruin/
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aZ3ZM3q8HkUz349Gi53kVgAAARE&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aZ3ZM3q8HkUz349Gi53kVgAAARE&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aZ3ZM3q8HkUz349Gi53kVgAAARE&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[6] https://www.theregister.com/2026/02/23/anonymous_arrests_spain/
[7] https://www.theregister.com/2026/02/23/aws_fortigate_firewalls/
[8] https://www.theregister.com/2026/02/22/french_bank_hack/
[9] https://www.theregister.com/2026/02/20/paypal_app_code_error_leak/
[10] https://www.theregister.com/2026/02/23/anonymous_arrests_spain/
[11] https://www.chosun.com/english/national-en/2026/02/23/X4AOVZXXORHNLI5P5BOHMRZQRY/
[12] https://www.koreatimes.co.kr/southkorea/society/20260130/seouls-ttareungyi-public-bike-service-under-probe-for-data-leak-of-45-million-users
[13] https://whitepapers.theregister.com/
Re: The Pitfalls of Too Much Data Collection
BartyFartsLast
Pretty sure GDPR isn't a thing in Korea.
ICBW
The Pitfalls of Too Much Data Collection
> The information included user IDs, phone numbers, home addresses, email addresses, dates of birth, genders, and weights.
Half that stuff is totally irrelevant to a bikeshare and never should have been collected in the first place.