Republic of Korea: Issued PIPC ruling in investigation into LG U+ Co regarding leakage of personal information

On 12 July 2023, the Korean Personal Information Protection Commission (PIPC) issued a ruling regarding their investigation into LG U+ Co., a mobile network operator, concerning a breach of personal information. The investigation revealed approximately 30,000 instances of data leakage, where hackers illicitly obtained and disseminated personal details, including mobile phone numbers, names, addresses, dates of birth, email addresses, and IDs on unauthorized transaction platforms. Additionally, the investigation concluded that LG U+'s data protection measures were inadequate. PIPC imposed a fine on LG U+ Co. of KRW 6.8 billion and an administrative fine of KRW 27 million. Furthermore, corrective measures were ordered to prevent recurrence, such as overall system inspection and improvement of vulnerable parts.