Privacy watchdog chief signals substantial fine for SKT over data breach
Published: 08 May. 2025, 16:40
Updated: 09 May. 2025, 12:02
- LEE JAE-LIM
Personal Information Protection Commission Chairperson Ko Hak-soo gives a lecture about Korea's personal data policies at a seminar hosted by the American Chamber of Commerce in Korea (Amcham) at Grand Hyatt Seoul in central Seoul on May 8. [PERSONAL INFORMATION PROTECTION COMMISSION]
Korea’s privacy regulator chief said Thursday that SK Telecom (SKT) is likely to face a substantial fine, citing the severity of the recent data breach caused by the hacking incident.
“The fine to be imposed against SKT is bound to be high considering the circumstances,” Personal Information Protection Commission (PIPC) chairman Ko Hak-soo told the Korea JoongAng Daily after a seminar hosted by the American Chamber of Commerce in Korea (Amcham) held at Grand Hyatt Seoul in central Seoul.
SKT’s data breach is often compared to a similar but far smaller hacking incident at rival LG U+, which was fined 6.8 billion won ($4.86 million) by the PIPC in July 2023 after a data leak affected 300,000 users.
“SKT’s penalty is likely to be higher than LG U+ for three reasons,” Ko said. “Legal revisions introduced since then allow for tougher sanctions, the scale of SKT’s leak is significantly larger, affecting 25 million subscribers, and unlike LG U+, where the breach involved a supporting database, SKT’s data was compromised directly from its primary database.”
Under the revised Personal Information Protection Act since September 2023, fines are capped at 3 percent of the company’s total revenue, rather than just the revenue directly linked to the violation. However, to avoid excessively heavy penalties, companies may exclude portions of their revenue if they can provide evidence proving those amounts are unrelated to the violation.
When pressed on whether the fine would be an all-time high for domestic companies, surpassing the 15.1 billion-won figure set by Kakao’s data breach in May 2024, Ko did not answer.
The privacy regulator has also been investigating major robot vacuum brands — including China’s Roborock, Ecovacs, and Xiaomi — since March, amid concerns that Chinese manufacturers may be improperly collecting and transmitting Korean users’ personal data overseas.
“I cannot say for certain when the investigation results will be released,” Ko said, adding that the PIPC is currently focused on examining privacy practices and legal compliance, rather than imposing penalties.