The country’s data protection agency said it has fined a matchmaking service over the leak of its members’ sensitive personal information, including their weight, blood type and whether they were previously married.
The Personal Information Protection Commission yesterday said that the company, Duo, failed to implement adequate measures to safeguard their membership database and was slow to take action after its system was hacked last year.
It ordered Duo to pay a 1.21 billion won (RM3.2mil) fine, take corrective action to improve how it handles personal data and to fully disclose details of the incident.
Hackers gained unauthorised access to the company database in January last year and downloaded private personal information of more than 420,000 current and former members.
The data also included phone numbers, addresses, schools graduated from and workplaces, it said.
The commission said Duo also violated regulations on the collection and storage of personal data, such as citizenship ID numbers and passwords, and failed to meet a requirement to delete the information of nearly 300,000 members gathered more than five years ago.
Duo, one of South Korea’s best-known matchmaking services, said it respected the agency’s findings and “deeply regrets that we failed to adequately protect our members’ personal data”.
It said the breach resulted from a “hacking attack that was extremely difficult to detect or prevent”. — Reuters
