LG U+ fined as a third party downloads and sells customer data
Korea JoongAng Daily

Home > Business > Industry

print dictionary print
Published: 09 Dec. 2020, 19:01 Updated: 09 Dec. 2020, 19:34

LG U+ fined as a third party downloads and sells customer data

The Personal Information Protection Commission announces Wednesday that it imposed a total of 75 million won ($69,000) in fines to four companies including LG U+ and two of its branches. [YONHAP]

The Personal Information Protection Commission announces Wednesday that it imposed a total of 75 million won ($69,000) in fines to four companies including LG U+ and two of its branches. [YONHAP]

 
LG U+ was hit with 21.6 million won ($20,000) in government fines for a failure to secure customer data, which led to a massive breach and unauthorized sharing of sensitive information.  
 
The Personal Information Protection Commission (PIPC) announced Wednesday that it imposed a total of 75 million won in fines on four companies: LG U+, two of the mobile carrier’s brick-and-mortar stores and a third-party company that had illegally leaked LG U+’s customer information.  
 
LG U+ subscribers to high-speed internet were victims of the data leaks.  
 
This is the first case in which a telecommunications company was held directly responsible and penalized for customer data leaks that happened at its branches. These stores are not directly run by headquarters but are more like franchises run by individual owners.  
 
According to the PIPC, the two LG U+ branches hired a company named ITL to manage information of new subscribers to LG U+’s high-speed internet. This was done without the consent of headquarters.  
 
In the process, ITL was granted access to the carrier’s internal system between September 2016 and June 2019. ITL then saved LG U+ customer information without encryption and sold it to clients.
 
The two stores were fined a total of 23.2 million won for violating laws on personal data protection. ITL was fined 30.2 million won for illegally collecting and selling customer information.
 
The commission concluded LG U+’s ignorance about the three-year-long data leak was itself a violation of the domestic data protection law.  
 
“While an unauthorized company accessed its user information system between September 2016 and June 2019, LG U+ neglected its duty to monitor these records and failed to properly supervise its branches,” the PIPC said.  
 
Of the 21.6 million won fine, 1.16 million won was for loose supervision, while the other 10 million won was imposed for failing to keep a third-party company away from its customer database.  
 
BY SONG KYOUNG-SON   [song.kyoungson@joongang.co.kr]
tags LG U+ mobile carrier Personal Information Protection Commission

More in Industry

'Nothing is getting done': Angry mob storms TMON offices over refund policy

Kakao enters emergency mode after founder's arrest

Kia reports record-high $2.6 billion operating profit in Q2

Hanwha Ocean selected for $331 million project to build Korean Navy ship

SK hynix to spend 9.4 trillion won in first chip line of Yongin cluster

Related Stories

LG U+ made contact with hacker group claiming data theft

Laws try to help kids with their sharing of info online

Younger Koreans now have the right to be forgotten

Phone companies give names of people in Itaewon

Kakao fined $11.1 million for 2023 data breach
Log in to Twitter or Facebook account to connect
with the Korea JoongAng Daily
help-image Social comment?
s
lock icon

To write comments, please log in to one of the accounts.

Standards Board Policy (0/250자)