South Korea’s privacy watchdog has imposed fines totaling 36 billion won ($24.9 million) on the Korean units of luxury brands Louis Vuitton, Dior, and Tiffany for customer information leaks. Louis Vuitton Korea received the heaviest fine of 21.4 billion won due to a data breach affecting about 3.6 million customers. The breach involved the theft of personal information like user names, phone numbers, and birth dates through hacking into an employee device.
Christian Dior Couture Korea and Tiffany Korea were fined 12.2 billion won and 2.4 billion won, respectively, for data breaches resulting from employees mistakenly granting internal system access to malicious actors. Dior experienced a breach affecting approximately 1.95 million users, which went unnoticed for three months, while Tiffany’s breach involved around 4,600 users’ personal information, as reported by the watchdog. The leaked data from both companies included names and email addresses.
Additionally, the privacy watchdog fined Burger King Korea (BKR) 924 million won for collecting minors’ personal data without guardian consent and Mega MGC Coffee operator MGC Global 642 million won for sending unsolicited marketing messages. The regulator also penalized eight other food and beverage companies for violations of personal information protection laws.
In a separate development, South Korea’s financial regulator announced plans to enhance de-listing rules to expedite the removal of companies failing to meet necessary requirements. This initiative aims to enhance the KOSDAQ market, with companies below a market capitalization of 20 billion won facing delisting starting July 1, a threshold that will rise to 30 billion won next year.
