South Korea’s data watchdog barks warnings at Microsoft and five local firms

Microsoft and five other companies have received fines totaling US$75K from South Korea’s Personal Information Protection Commission (PIPC), for running afoul of local data protection laws.

The Commission fined Microsoft 16.4 million won (US$14,700) for failing to have protective measures on administrative accounts that led to the leak of over 119,000 email accounts, 144 of which belonged to South Korean residents. Furthermore, when Microsoft announced the leaks, it did so within 24 hours of the incident in English but not until 11 days later in Korean. The PPIC said Korean users should be notified in Korean.

South Korean web giant company Kakao’s blockchain subsidiary Ground X and software company Innovation Academy were each handed 25 million won (US$22,400) in penalties for general privacy naughtiness. Ground X was slapped with an extra six million won (US$5,400) fine for not protecting passwords and Innovation Academy wore three million won (US$2,700) for a data leak.

World MathFusion Olympiad Korea, the Korean Mountainbike Federation, and the Korea Professional Football League all received three million won (US$2,700) fines for data mismanagement with the football league also requiring corrective action.

The PPIC investigated after receiving reports of data leaks due to hacking and/or employee error. In the Commission’s announcement of the fines, a government official warned that the PIPC will continue to prevent the leak of personal information and organizations should therefore properly manage collected data.

Data management is a hot topic in South Korea as the country’s Fair Trade Commission set up an investigation team earlier this week to determine if the sheer amount of data collected by Big Tech makes it anti-competitive. ®

READ MORE HERE