[Alpha Biz= Kim Jisun] SEOUL, Sept. 11 – The Personal Information Protection Commission (PIPC) has imposed a fine of KRW 81.01 million and an administrative penalty of KRW 7.2 million on Moncler Korea for failing to implement adequate safeguards that led to the leakage of personal data belonging to approximately 230,000 customers.
The commission found that the luxury brand detected a hacking incident in January 2022 that exposed names, birth dates, email addresses, card details, delivery methods, shopping preferences, body sizes, and other purchase information. Moncler Korea notified affected users and the PIPC later than the 24-hour legal deadline then in effect.
Investigations revealed that hackers stole an administrator’s account, planted malware on the domain controller server, and encrypted company data after extracting customer information. Moncler Korea was also cited for operating its website without two-factor authentication measures, such as one-time passwords, between 2019 and 2022.
The PIPC stated that timely notification and robust authentication practices are essential to protect consumers from identity theft and financial fraud.
Alphabiz Reporter Kim Jisun(stockmk2020@alphabiz.co.kr)
