[Asia Economy Reporter Seungjin Lee] Businesses that neglected their obligations to implement safety measures for personal information protection have been sanctioned.
The Personal Information Protection Commission held its 18th plenary session on the 16th and decided to impose a total fine of 18 million KRW and corrective orders on four businesses that violated personal information protection regulations.
The sanctioned businesses are Hyundai Motor Company, Nongshim, IMO, and LPI Team.
Hyundai Motor Company linked its application with real-time broadcast sales (live commerce) and deployed source code that had not completed testing to the operation server, causing a system error that led to the leakage of personal information of six individuals. Nongshim provided a simple social network service (SNS) login feature for app use but failed to validate the authenticity of values that could identify users, resulting in the leakage of personal information of one individual.
IMO operated a business-exclusive text message sending website but neglected security measures such as access rights to the personal information processing system and vulnerability checks on the website, leading to a hacker attack that leaked personal information of nine individuals. Additionally, they did not store or manage database (DB) server access logs for at least one year, nor did they store users' passwords using one-way encryption to prevent decryption. Furthermore, they reported the leakage after more than 24 hours without justifiable reason and failed to notify users of the leakage, resulting in fines and corrective orders.
LPI Team operated a business-exclusive mobile phone accessory shopping mall but allowed access to the personal information processing system from outside without applying secure authentication methods such as two-factor authentication, permitting login with only an ID and password.
Jinseong Cheol, Head of Investigation Division 2 at the Personal Information Protection Commission, emphasized, “Businesses handling personal information must continuously check their obligations related to safety measures to prevent personal information leakage incidents, and if such incidents occur, they must faithfully notify the victims to prevent secondary damage.”
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![Clutching a Stolen Dior Bag, Saying "I Hate Being Poor but Real"... The Grotesque Con of a "Human Knockoff" [Slate]](https://cwcontent.asiae.co.kr/asiaresize/183/2026021902243444107_1771435474.jpg)
