Republic of Korea: Issued ruling in PIPC investigation into Incruit compliance with Personal Information Protection Act including corrective orders and penalties

On 12 July 2023, the Korean Personal Information Protection Commission (PIPC) issued its ruling in the investigation into Incruit Co compliance with Personal Information Protection Act. The PIPC stated that Incruit Co experienced a security attack on its recruitment information site, resulting in personal information leakage due to the lack of detection and blocking measures to ensure the security of the stored data. The company failed to implement access control measures. Incruit Co was fined a total of KRW 74.2 million.