CJ Group has filed a complaint with the Seoul Metropolitan Police Agency after personal information of about 330 female employees was posted on a Telegram channel, including mobile numbers, job titles, internal phone numbers, and photographs. The company says
The post looked ordinary on the surface—just names, numbers, and photos on a Telegram channel. But for the women identified as CJ Group employees, it was something else entirely: their work details and personal identifiers were suddenly circulating outside the boundaries of the company.
CJ Group has now asked the police to investigate the leak. On May 20, the company said it submitted a complaint to the Seoul Metropolitan Police Agency the previous day, citing a violation of the Personal Information Protection Act.
The company’s request comes after the scope and type of information posted became clearer. On May 18, it was confirmed that a Telegram channel posted the mobile phone numbers, job titles, internal phone numbers, and photographs of around 330 female employees of CJ Group.
The Telegram channel has been active since 2023 and reportedly has about 2,800 members. Some of the leaked information was said to be accessible through the company’s internal intranet. a detail that has shifted the focus toward the possibility of insider involvement rather than an outside hack. Industry experts suggested the breach was more likely to have originated from within the company because of that intranet connection.
CJ Group also walked through the legal timeline. The company said that the incident was determined not to fall under cases that require reporting to the Personal Information Protection Commission. Under current law, reporting is mandatory in certain large-scale data breaches or leaks involving uniquely identifiable or sensitive information. In this case, it had not yet been confirmed whether such information was among what was posted.
A CJ Group representative said, “We plan to fully cooperate with the police investigation,” adding, “We have individually notified the affected employees and are implementing measures to prevent secondary damage.”
For the employees already identified—mobile numbers. job titles. internal phone numbers. and faces placed into a Telegram stream—the difference between “accessed from intranet” and “unknown data leak” is not academic. It changes what they fear could happen next: who might have had a path to that information. and how quickly that access can be stopped.
CJ Group police investigation Telegram leak personal information female employees intranet Personal Information Protection Act Seoul Metropolitan Police Agency