South Korea slaps heavy fines on luxury brands over data leaks
South Korea’s data protection authority imposed a combined 36 billion won in penalties on the local operations of Louis Vuitton, Dior and Tiffany after breaches led to the exposure of customer information, reports a Qazinform News Agency correspondent.
The Personal Information Protection Commission approved the measures at a plenary session, levying a combined 36 billion won, or nearly 25 million US dollars, on Louis Vuitton Korea, Christian Dior Couture Korea and Tiffany Korea.
Louis Vuitton Korea received the largest penalty, 21.4 billion won, after hackers accessed an employee device on three separate occasions and obtained information on roughly 3.6 million clients. Authorities pointed to insufficient safeguards in the company’s remote access system.
Dior was fined 12.2 billion won over a breach affecting about 1.95 million users. The incident went unnoticed for three months. Tiffany was ordered to pay 2.4 billion won for a case involving around 4,600 customers. In both instances, exposed details included names and email addresses.
The regulator also took action against companies outside the luxury segment. BKR, the operator of Burger King in the country, was fined 924 million won for gathering data on children aged 13 or younger without parental approval.
Another 642 million won penalty was imposed on MGC Global, which runs the Mega MGC Coffee franchise, for distributing advertising messages to people who had not agreed to receive them.
Eight additional food and beverage businesses were sanctioned for violations of personal data protection rules, the commission added.
Earlier, Qazinform News Agency reported that the Korean National Police Agency, in cooperation with Cheil Worldwide, launched a nationwide public awareness campaign, “Voice Wanted,” aimed at curbing the rapid rise of phone scam crimes across the country.
