NewKerala.com

South Korea Slaps Louis Vuitton, Dior, Tiffany with $25M Fines for Data Leaks

South Korea's privacy watchdog has imposed combined fines of 36 billion won on the local units of Louis Vuitton, Dior, and Tiffany for serious customer data breaches. The largest fine targeted Louis Vuitton Korea after a hack stole data from 3.6 million customers via an employee device. Separately, Burger King and Mega MGC Coffee were fined for violations involving minors and unsolicited marketing. Concurrently, the country's financial regulator announced stricter delisting rules for the KOSDAQ market to begin in July.

Key Points: S. Korea Fines Luxury Brands $25M Over Customer Data Leaks

  • $24.9M in fines for data leaks
  • 3.6 million Louis Vuitton customers affected
  • Hacks via employee devices
  • Burger King fined for minor data collection
  • New KOSDAQ delisting rules announced
2 min read

S. Korea penalises Louis Vuitton, Dior, Tiffany $24.9 million over data leaks

South Korea fines Louis Vuitton, Dior, and Tiffany $24.9 million for major customer data breaches. Burger King and Mega MGC Coffee also penalized.

"an outside actor stole personal information... by hacking into an employee device - Personal Information Protection Commission"

Seoul, Feb 12

South Korea's privacy watchdog said on Thursday it has fined the Korean units of luxury brands Louis Vuitton, Dior and Tiffany a combined 36 billion won over leaks of customer information.

The Personal Information Protection Commission made the decision in a plenary meeting the previous day, imposing on Louis Vuitton Korea a fine of 21.4 billion won -- the heaviest among the three companies -- over a data breach of about 3.6 million customers, reports Yonhap news agency.

The watchdog said an outside actor stole personal information, such as user names, phone numbers and birth dates, over three occasions by hacking into an employee device. It noted the company had poor security practices for remote logins.

Meanwhile, the regulator fined Christian Dior Couture Korea and Tiffany Korea 12.2 billion won and 2.4 billion won, respectively, for data breaches after employees were tricked into granting internal system access to malicious actors.

Dior suffered a data breach of about 1.95 million users and was unaware of the incident for three months, while the leak at Tiffany involved the personal information of around 4,600 users, according to the watchdog.

The leaked user data from both companies included names and email addresses.

Separately, the watchdog fined BKR, which operates Burger King in South Korea, 924 million for collecting the personal data of minors aged 13 or under without guardian consent.

It imposed a fine of 642 million won on MGC Global, which operates popular coffee franchise Mega MGC Coffee, for sending marketing messages to customers who did not consent to receiving them.

The regulator also fined eight other food and beverage companies for violations of the personal information protection law, said the report.

Meanwhile, South Korea's financial regulator said on Thursday it plans to strengthen de-listing rules to speed up the exit of companies that fail to meet necessary requirements.

The move comes as part of efforts to improve the smaller KOSDAQ market and accelerate the country's transition to productive finance, and also facilitate innovative ventures and startup businesses, the Financial Services Commission (FSC) said.

Starting July 1, companies whose market capitalisation is below 20 billion won (US$13.8 million) will be exited from the KOSDAQ market. The threshold will be raised to 30 billion won at the start of next year.

- IANS

Share this article:

Reader Comments

A
Aman W
South Korea is setting a strong example. In India, data breaches happen too often but the penalties are not this severe. The part about Burger King collecting kids' data is especially shocking. We need our own data protection law to be enforced with this kind of teeth.
R
Rohit P
Good move by S. Korea. But honestly, as a customer, what do we get? Our data is already out there. These companies should be forced to provide free identity theft protection for all affected customers, not just pay a fine to the government.
S
Sarah B
The scale is mind-boggling – 3.6 million customers for LV! It shows how much data these global giants collect. We give our numbers and emails so casually for loyalty points. Time to be more careful, yaar.
V
Vikram M
Respectfully, while the fines are high, the article also mentions new financial rules for de-listing companies. That's the bigger news for their economy. Protecting data is important, but creating a strong market for startups is crucial for long-term growth. Both are good steps.
K
Kavya N
Dior didn't know for THREE MONTHS that data of 2 million users was stolen? That's negligence of the highest order. Makes you wonder about the security of all these international brands operating here. We need more transparency.

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Leave a Comment

Minimum 50 characters 0/50