Seoul: South Korean cybersecurity authorities estimate that around 9.6 million accounts may have been affected by a recent cyberattack at Kyowon Group, a local education service provider, informed sources said Wednesday. The estimate by a government investigation team that includes the Korea Internet and Security Agency comes after Kyowon Group reported a possible breach on Monday, saying it had detected traces of a ransomware attack.

According to Yonhap News Agency, Kyowon said it became aware of abnormal activities in its internal system Saturday and later identified a possible data breach. The authorities estimate that 600 of the company's 800 servers fall within the scope of the breach.

The investigation team estimates Kyowon Group's eight affiliates held 13 million members in total, a figure that narrows to 5.54 million after removing overlaps. The 9.6-million estimate counts users holding more than one account. As Kyowon Group operates a wide range of businesses, including tutoring, home appliance rentals, and funeral services, experts said the number of victims could be substantial.

Kyowon Group has yet to confirm whether its members' personal data was actually leaked. "We have identified indications of a possible data leak, and an investigation is underway with relevant organizations and security institutions to determine whether consumers' data was actually breached," Kyowon Group said in a release. "If customer data is confirmed to have been leaked, we will notify users in a transparent manner," the company added.