"Everyone's Startup" Personal Information Leak Caused by Participating Company, Not External Hackers

Minister Sung Hanseong of the Ministry of SMEs and Startups attended the launch ceremony of the first batch of Everyone's Startup held at SVC Seoul in Mapo-gu, Seoul on the 16th and delivered a congratulatory message. 2026.06.16 Photo by Dongju Yoon

View original image

The recent personal information leak on the Ministry of SMEs and Startups’ support platform “Everyone’s Startup” was found to have been caused not by external hackers, but by unauthorized data collection by a company participating in the project.

According to a personal information leak report submitted to Assemblyman Kang Seung-kyu of the People Power Party by the Korea Institute of Startup & Entrepreneurship Development on the 21st, an AI solutions company participating in the project was found to have acquired non-public participant email addresses through abnormal API (Application Programming Interface) calls and web crawling on June 15, and then sent promotional emails to those addresses.

The Korea Institute of Startup & Entrepreneurship Development determined that although these email addresses were not displayed on the service interface, vulnerabilities in some server APIs allowed access by certain methods. It was also confirmed that, in addition to email addresses, judging comments and summaries of startup ideas were leaked in the process.

This incident is drawing controversy because, unlike typical external hacking cases, the entity responsible for collecting the information was a company involved in the project’s operation. The company in question had participated in the project as a provider of AI solutions to help participants refine their startup ideas.

To minimize damage, the Korea Institute of Startup & Entrepreneurship Development plans to provide a feature on its website that allows users to check whether their personal information was leaked and to operate a separate channel for reporting damages. In addition, all 5,000 project finalists were notified of the leak by text message, and relevant authorities have been informed. However, the institute stated that further investigation is needed to determine the precise scale of the leak.

The Ministry of SMEs and Startups plans to hold a briefing on June 22, presided over by First Vice Minister Roh Yongseok, to explain the current status of “Everyone’s Startup” operations and outline follow-up measures.

Hot Picks Today

"Wow, This Is Addictive": Justin Bieber's Wife Raves About 'Ddungbaratte'... Foreign Tourists Flock to K-Convenience Stores [K-Holic]

• "Exorbitant Food Prices" Beer Costs 30,000 Won per Glass... Locals Outraged Over Record Price Gouging at the World Cup [Current Affairs Show]
• "With 6.6 Trillion Won in Funds Secured"...'Chinese Samsung and SK Hynix' Listing Imminent, Will Chinese Semiconductors Benefit? [Weekend Money]
• "My Income Has Increased, So Why Do I Feel Worse Off?"... The Middle Class Didn't Collapse, It Moved Upward [Weekend Money]
• "Getting Your Hair Pulled and Kicked Is Routine... '9 Inmates Packed into 5 Pyeong' Cheongju Women's Prison, the Reality of Sweltering Heat [Reportage]"

Assemblyman Kang pointed out, “It appears that the personal information leak occurred at a company participating in the project,” and stressed, “Rather than pushing the project forward recklessly, a comprehensive review of the lax management system should be prioritized.”

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.