Photo : KBS News
The government has slapped fines worth one-point-two billion won, or 810-thousand U.S. dollars, on matchmaking firm Duo following its delayed disclosure of a data leak involving the personal information of some 430-thousand members.
The Personal Information Protection Commission released a media statement Thursday that an employee’s computer was hacked in January of last year, leading to the exposure of sensitive personal details of 427-thousand-464 members, including IDs, passwords, names, dates of birth and addresses, as well as height, weight, religion, education and past marital status.
The regulator noted that Duo failed to promptly report the data leak after its discovery and ordered the company to notify its members immediately.
Under South Korean law, businesses and other entities are required to report any potential data breaches to the authorities as soon as they are detected.
The commission also found that Duo had not implemented adequate data protection measures, such as restricting access to its database after multiple failed login attempts.
It also mandated the company to strengthen its data protection measures, reassess its personal information processing methods to reduce unnecessary data collection, and publicly disclose the punitive measures on its website.