[YungShin] Announcement on behalf of major subsidiary YungShin Pharm IND. Co., Ltd. regarding the leak of consumer information from a third-party vendor's campaign website

1. Date of occurrence: 2026/05/15 2. Company name: YungShin Pharm IND. Co., Ltd. 3. Relationship to company: Subsidiary 4. Reciprocal shareholding ratio: Not applicable 5. Cause of occurrence: YungShin Pharm was notified today by a cybersecurity firm that hackers had accessed consumer invoice registration data on a third-party vendor's campaign website during routine network patrols. Upon investigation, the website had expired after the campaign ended in 2025. However, about 2,000 records processed during the campaign are suspected to have been accessed or leaked without authorization. The data includes Chinese names, addresses, email addresses, phone numbers, and invoice numbers. No payment transaction data is involved. 6. Countermeasures: (1) Immediately activated the cybersecurity response mechanism, requiring the vendor to isolate the system and conduct forensics. (2) Commissioned a professional cybersecurity team to assist in investigating the cause and impact. (3) Immediately reported to the Taichung City Investigation Office of the Investigation Bureau and will proactively notify affected consumers. (4) Will strengthen the vendor's cybersecurity management and personal data protection measures to mitigate risks. 7. Other matters: Currently, no core operational, trading, or financial systems have been compromised. Preliminary assessments show no material impact on YungShin Pharm's finances or operations.