The number of people affected by the personal data leak at the online video service (OTT) Tving has been determined to be 19.53 million to date. That is more than 6.5 million higher than the government's initial provisional figure of 13 million.
According to materials submitted by the Democratic Party of Korea lawmaker Lee Jeong-heon from the Personal Information Protection Commission and the Ministry of Science and ICT on the 22nd, the number of people affected by the Tving personal data leak has totaled 19.53 million to date.
This incident is the fourth largest personal data leak in Korea, following Coupang (about 37.56 million), Cyworld and Nate (about 35 million), and SK Telecom (about 23.24 million).
The materials stated that the leaked information included IDs, names, dates of birth, passwords, refund account numbers, connected information (CI), and duplicate subscription verification information (DI). Because CI and DI are difficult to change, there are concerns about secondary damage such as identity theft.
The government is investigating why the number of people affected far exceeds Tving's roughly 5 million paying subscribers and its 8.82 million monthly active users (MAU) as of May. It is also checking whether information from withdrawn members, dormant accounts, and accounts created through partner services was included among the leaked data.
Along with the scale of the incident, the government is examining Tving's response process after it recognized the breach. Lee noted that while Tving detected abnormal signs on May 30, it did not confirm that a large file had been transmitted externally until June 2.
A Tving official said, "We once again apologize for causing concern to our customers due to this incident," adding, "A joint public-private investigation team is currently looking into the cause of the incident, the scale of the leak, and the scope of impact, and we will promptly implement customer protection measures and fully meet our responsibilities, including necessary support and compensation." The official added, "To prevent a recurrence, we will focus all our capabilities on inspecting and improving our overall security system."