Personal Information of Over 17,000 Cases Leaked from Happy Point... 1.5 Billion KRW Fine Imposed
Personal Information Protection Commission Imposes Fine and Penalty on Sektanain
Secondary Damage Occurred Due to Unauthorized Use of Points
The Personal Information Protection Commission has decided to impose a fine of 1.477 billion KRW and a penalty of 7.2 million KRW on 'Sektanain,' the operator of the Happy Point membership.
On the 12th, the Commission held a plenary meeting and resolved to take such measures against Sektanain, which caused two data breaches by failing to take sufficient measures to protect customer information.
From October 5 to 11, 2022, an unidentified hacker attempted to log in by indiscriminately inputting multiple IDs and passwords into the Happy Point application using a 'credential stuffing' attack method and succeeded in logging in.
Through this, personal information of a total of 7,585 people, including names, IDs, gender, birth year, and Happy Point card numbers, was stolen, and secondary damage occurred due to unauthorized use of Happy Point. From October 30 to November 3, 2023, a hacking attack using the same method occurred again, resulting in additional leakage of personal information of 9,762 people.
It was investigated that Sektanain did not take sufficient measures to protect customer information. They did not prepare measures to detect and block large-scale login attempts from the same IP address within a short period, and neglected encryption measures to protect personal information.
Hot Picks Today
"Could I Also Receive 370 Billion Won?"... No Limit on 'Stock Manipulation Whistleblower Rewards' Starting the 26th
- Samsung Electronics Labor-Management Reach Agreement, General Strike Postponed... "Deficit-Business Unit Allocation Deferred for One Year"
- "From a 70 Million Won Loss to a 350 Million Won Profit with Samsung and SK hynix"... 'Stock Jackpot' Grandfather Gains Attention
- "Stocks Are Not Taxed, but Annual Crypto Gains Over 2.5 Million Won to Be Taxed Next Year... Investors Push Back"
- "Who Is Visiting Japan These Days?" The Once-Crowded Tourist Spots Empty Out... What's Happening?
The Personal Information Protection Commission urged Sektanain to carefully establish recurrence prevention measures and make special efforts to prevent further data breaches.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
