 |
Photo courtesy of Yonhap News |
[Alpha Biz= Paul Lee] Louis Vuitton, Dior and Tiffany penalized after personal data of millions exposed
South Korea’s Personal Information Protection Commission (PIPC) has imposed a total of approximately KRW 36 billion in administrative fines on three luxury brands for large-scale personal data breaches involving customer information.
Louis Vuitton was fined about KRW 21.3 billion after malware infection from a hacker attack on an employee’s device led to the leakage of personal data belonging to approximately 3.6 million customers.
Dior was fined KRW 12.2 billion after a customer service employee fell victim to a voice phishing scam, resulting in the exposure of personal information of 1.95 million customers. Tiffany was also fined KRW 2.4 billion following a similar voice phishing incident that led to the leakage of personal data of around 4,600 individuals.
The PIPC stated that the fines reflect failures in safeguarding customer information and implementing adequate security controls.
Separately, the commission also imposed a total of approximately KRW 1.5 billion in fines on 10 food and beverage operators for negligence in personal data management. Among them, Burger King was cited for collecting and using personal information of children under the age of 14 without obtaining consent from their legal guardians.
Alphabiz Reporter Paul Lee(hoondork1977@alphabiz.co.kr)
