HotelsCombine, which violated the Personal Information Protection Act, has been fined over 100 million KRW in penalties and fines.
The Personal Information Protection Commission held a plenary meeting on the 26th and decided to impose a fine of 94.5 million KRW and a penalty of 16 million KRW on HotelsCombine.
It was revealed that HotelsCombine incorrectly designed its system in 2013 when developing its hotel reservation platform, allowing the creation of accounts that could access 'card information' in addition to the 'reservation information' that was supposed to be the only accessible data.
As a result, a hacker used phishing methods to steal IDs and passwords to access the HotelsCombine system and created accounts that could access card information. Consequently, the names, email addresses, hotel reservation details, and card information of 1,246 Korean users were leaked. It was also confirmed that HotelsCombine notified and reported this fact belatedly.
Meanwhile, the Personal Information Protection Commission also decided to impose a fine of 67.78 million KRW and a penalty of 11.4 million KRW on MoneyToday Broadcasting for failing to comply with personal information protection safety measures.
In the case of MoneyToday Broadcasting, a hacking incident occurred on its ongoing advertising contest site, resulting in the leakage of 133,633 administrator and member personal information records (including duplicates).
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
