The Financial Supervisory Service has reportedly sent Lotte Card an advance notice of sanctions that include a 4.5-month business suspension and a 5 billion won penalty surcharge. The move comes after a large-scale leak of customer information at Lotte Card due to a hacking incident last year.
According to the financial sector on the 9th, the Financial Supervisory Service (FSS) last week gave Lotte Card advance notice of sanctions that include a business suspension, a penalty surcharge, and personnel sanctions.
The Financial Supervisory Service (FSS) plans to bring a heavy sanction plan against Lotte Card to the Sanctions Review Committee on the 16th. Final sanctions will be confirmed after a vote at a regular meeting of the Financial Services Commission (FSC).
After the incident last year, the Financial Supervisory Service (FSS) conducted back-to-back incident and regular inspections through mid-Dec. and then proceeded with the sanction process. It is said that the Personal Information Protection Commission mainly examined violations of the Personal Information Protection Act, and the FSS focused on the Specialized Credit Finance Business Act, the Credit Information Act, and the Electronic Financial Transactions Act.
Earlier, on the 12th of last month, the Personal Information Protection Commission (PIPC) announced it had imposed a 9.62 billion won penalty surcharge and 4.8 million won in fines, and the Financial Supervisory Service (FSS) then decided on the level of sanctions and sent advance notice.
The Financial Supervisory Service (FSS) is said to have focused on the scale of the credit information leak, deficiencies related to credit information security measures, and whether obligations to ensure the safety of electronic financial transactions were observed.
In Sept. last year, hacking led to the leak of information on 2.97 million customers, close to about one-third of all Lotte Card customers. Lotte Card had estimated that a total of 280,000 customers were at risk of fraudulent card use due to the leak of key data such as card numbers, expiration dates, and CVC numbers.