There are two cases in South Korean news this week of note here today involving enforcement actions by South Korea’s Personal Information Protection Commission. One involves a travel agency, Modutour. The other involves a court decision about Meta’s data sharing.
Modutour Network Fined by PIPC
Yun Ye-won reports that Modutour Network, which neglected safety measures to protect personal information and resulted in the leak of personal information of 3.06 million people, was ordered to pay a fine of 740 million won. [Note: 740 million won = USD $508,416.33.]
The Personal Information Protection Commission announced on the 13th that it had decided at a plenary session the previous day to impose a fine and recommend improvement of the personal information protection management system on Modutour Network, which operates the travel agency Modutour, for violating the Personal Information Protection Act.
According to the Personal Information Protection Commission’s investigation results, in June of last year, an unidentified hacker uploaded a number of ‘web shell files’ by exploiting a file upload vulnerability on a webpage operated by Modutour Network.
Read more at Chosun Biz.
S. Korean top court rejects Meta’s appeal over user data sharing fine
Hans News reports that South Korea’s top court on Thursday rejected social media giant Meta’s appeal against a 6.7 billion-won ($4.6 million) fine imposed by the data protection watchdog for sharing user information without their consent, judicial sources said. In November 2020, the Personal Information Protection Commission (PIPC) fined Meta, formerly known as Facebook, after its probe found that the personal information of at least 3.3 million South Korean users had been provided to third parties without their knowledge from May 2012 to June 2018, reports Yonhap news agency.
Read more at Hans News India.