CJ Group Investigates Suspected Internal Data Leak After Employee Profiles Sell for Cryptocurrency
Seoul, Sunday, 24 May 2026.
The personal data of 330 female CJ Group employees was illicitly traded for cryptocurrency on Telegram, prompting a police investigation into a suspected internal corporate leak.
Tracing the Digital Footprint
South Korean conglomerate CJ Group (KRX: 001040) [GPT] is grappling with a severe privacy breach after the personal data of approximately 330 current and former female employees was exposed on the messaging app Telegram [1][2][3]. The leaked information, which surfaced on a channel named “Alien,” included sensitive details such as mobile and office phone numbers, job titles, personal photographs, and even pictures of the employees’ family members [1][2][3]. Because some of the exposed data was exclusively accessible via the company’s internal intranet, CJ Group suspects the breach originated from an internal source rather than an external cyberattack [1][3].
The Commodification of Employee Data
What elevates this incident from a standard data leak to a complex cybercrime is the monetization of the stolen profiles using decentralized blockchain networks [GPT]. The ownership of the “Alien” Telegram channel was auctioned off twice late last year on “Fragment,” a platform dedicated to the buying and selling of Telegram usernames and channels via cryptocurrency [2].
Internal Friction and Regulatory Loopholes
While CJ Group has stated it is actively monitoring the dark web and other online channels to prevent secondary damage, the corporate response has drawn criticism from the affected workforce [2][3]. Employees have expressed profound anxiety over the potential for secondary crimes, including voice phishing and deepfake exploitation [1][2]. Frustration peaked when company representatives allegedly deflected responsibility for the leaked photographs, suggesting the images were scraped from the victims’ personal social media accounts rather than the initial internal breach [2].