KakaoTalk Faces Record Fine for User Data Leak in South Korea

TapTechNews May 23rd news, the Personal Information Protection Commission of South Korea (PIPC) announced today that KakaoTalk caused the leakage of about 65,000 users' personal data due to a vulnerability, and decided to impose a fine of 15.1 billion Korean won (TapTechNews note: currently about 80.181 million yuan) on Kakao Corporation. This is also the highest fine ever for a South Korean company, and even more than twice that of the previous record holder, Golfzon (7.5 billion Korean won).

In March last year, media reports said that KakaoTalk user information was leaked and there was illegal trading, so PIPC launched an investigation against Kakao.

PIPC finally concluded that Kakao did not take the necessary protection measures to encrypt the users' temporary ID, so that hackers could identify the serial number assigned to each user.

PIPC officials said that the agency has confirmed that hackers have obtained the personal data of at least 65,710 users, and emphasized that the police are investigating the specific scope of this data leak.

However, Kakao refuted the PIPC statement, saying that its temporary ID does not contain any type of personal information and is not subject to the obligation of encryption by relevant laws. The company also said that it has reported to the police and the Ministry of Science and will cooperate with the investigation. Kakao emphasized that it will 'actively' review various measures to respond to the PIPC's decision, including filing an administrative lawsuit.