Republic of Korea: Personal Information Protection Commission confirmed Incruit's implementation of corrective measures following large-scale personal data breach

Personal Information Protection Commission confirmed Incruit's implementation of corrective measures following large-scale personal data breach

On 14 May 2026, the Personal Information Protection Commission (PIPC) reported that Incruit completed implementation of corrective measures issued in response to the 2025 personal data breach affecting approximately 7.2 million records. The PIPC con…

Scope

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

other service provider

Implementation Level

national

Government Branch

executive

Government Body

data protection authority

Complete timeline of this policy change

Hide details

2023-07-12

in force

On 12 July 2023, the Korean Personal Information Protection Commission (PIPC) issued its ruling in …

2025-10-23

in force

On 23 October 2025, the Personal Information Protection Commission (PIPC) fined Incruit KRW 463 mil…

2026-05-14

concluded

On 14 May 2026, the Personal Information Protection Commission (PIPC) reported that Incruit complet…

Description

Personal Information Protection Commission confirmed Incruit's implementation of corrective measures following large-scale personal data breach

Scope

Complete timeline of this policy change