100 Million Personal Data Breaches Spark Fears of Public 'Numbness'
Personal data breaches at major domestic corporations and public institutions in the past year have approached 100 million cases, leading to public complaints of 'numbness.' A string of major data leaks, including SK Telecom's SIM (subscriber authentication information) hacking, and incidents involving Coupang and TVING, are raising concerns that public vigilance regarding personal data protection is waning. Kim Min-woo (19), a resident of Guro-gu, expressed, "It felt like being betrayed by companies I trusted. Their subsequent handling of the situation was also inadequate and difficult to accept," hoping that companies would prioritize security first. Song (37), an office worker in Yangcheon-gu, stated, "It's become so common that I've become desensitized," adding, "Companies probably know this, which is why they don't seem to be strengthening security more proactively.".
SK Telecom was fined 134.8 billion won for lax security, while Coupang faced a penalty of approximately 624.6 billion won for deficiencies in its safety management system. Personal data leaks have also occurred in public services such as Seoul City's public bicycle service 'Ttareungi' and the Ministry of SMEs and Startups' 'Modu's Startup' platform.
Experts point out that hacking technologies are becoming increasingly sophisticated, leveraging AI, while defensive security technologies lag relatively behind. Lim Jong-in, Professor Emeritus at Korea University's Graduate School of Information Security, commented, "Hacking has already become a business, and the cost of attacks is decreasing. As it becomes a means of making money, attacks will continue to become more advanced." In response, Shin Jong-hoe, Professor of Cybersecurity at Ajou University, advised transitioning to a 'Zero Trust' security system, which continuously verifies internal users rather than solely monitoring external intrusions, instead of relying on the current approach of only watching for external breaches.
A lack of awareness among businesses has been identified as a fundamental problem. Corporations pursuing profit are still treating security as a 'cost' rather than an 'investment,' and are failing to prioritize it. Hwang Seok-jin, Professor at Dongguk University's Graduate School of International Information Security, stated that a culture is needed where information protection is recognized as part of corporate competitiveness, not just a non-financial activity. Professor Hwang emphasized that accidents will not be repeated if top decision-makers, namely management, recognize security as the number one priority and increase investment.
The government plans to impose fines of up to 10% of maximum revenue for repeated violations within three years or incidents affecting over 10 million people, starting in September. However, Professor Lim argues that punitive fines alone will not be enough to elevate the overall level of information protection. He suggested exploring the adoption of a US-style 'Safe Harbor' policy, which may reduce liability for companies that have made best-effort security investments but still experience unavoidable accidents. Opinions were raised about creating tangible benefits for companies that faithfully implement information protection certifications or disclosure systems, such as providing tax incentives for companies actively investing in security and government support for SMEs' information protection investments.
쿠팡 파트너스 활동의 일환으로 일정 수수료를 제공받습니다
