A threat actor claims to have breached SeAH Holdings (SeAH), a major South Korean company with a reported revenue of $4.6 billion. The actor states the breach occurred in November 2025 and was the result of compromising a contractor that works with the company.
According to the actor, the breach resulted in the theft of source code. The compromised data allegedly includes:
-
Source Code
-
Configuration Files
-
Access Keys
-
API Keys
-
Hardcoded Credentials
As proof, the threat actor posted a file tree structure from a project labeled ‘SeAH-Besteel’. The structure indicates a Java-based web application with packages for APIs, security, data models, and web services.












