Police in South Korea have arrested four individuals following a massive cybercrime operation that compromised the privacy of tens of thousands of citizens. The breach involved the hacking of more than 120,000 Internet Protocol (IP) cameras installed in private residences and commercial properties.
The Scale of the Breach and Criminal Operation
The footage stolen from these cameras was allegedly used to create sexually exploitative content, which was then sold on an overseas website. According to a statement from South Korea's National Police Agency released on December 1, 2025, the suspects exploited basic security weaknesses in the cameras, such as simple or default passwords.
IP cameras, often used as a cost-effective alternative to traditional CCTV systems, connect directly to a home internet network. They are popular for monitoring security, children, or pets. The investigation revealed that the locations of hacked devices were disturbingly intimate, including private homes, a pilates studio, a gynaecologist's clinic, and karaoke rooms.
The four suspects are believed to have acted independently. One individual is accused of hacking an astonishing 63,000 cameras and producing 545 exploitative videos, which he then sold for virtual assets worth approximately 35 million won (£9,250). Another allegedly breached 70,000 cameras, selling 648 videos for 18 million won. Together, these two were responsible for 62% of the videos uploaded to the illicit website in the past year.
Police Action and International Cooperation
Authorities are now working with foreign agencies to identify and shut down the website's operator. In addition to the four primary suspects, three other people suspected of purchasing and viewing the illegal material through the site have also been taken into custody.
Park Woo-hyun, a cyber investigation chief at the National Police Agency, emphasised the severity of the crimes. "IP camera hacking and illegal filming inflict immense suffering on victims and are therefore serious offences," he stated. "We will eradicate them through vigorous investigations. Viewing and possessing illegally filmed videos are also serious crimes, so we will actively investigate them."
Guidance for Victims and Users
So far, authorities have personally visited or notified victims at 58 identified locations, informing them of the breach and providing support. This includes guidance on changing passwords and assistance with deleting and blocking stolen content. Efforts continue to identify other potential victims.
The National Police Agency issued a stark warning to all users of such devices. "Above all, it is crucial and effective for individual users who have installed IP cameras in homes or business premises to remain vigilant and immediately and regularly change their access passwords," the agency advised in its statement.
This case serves as a critical reminder of the vulnerabilities in everyday connected devices and the devastating real-world consequences of cyber-enabled exploitation.
