Asian Tech Press (Oct 26) -- Payment service provider PayPal has been fined 922 million won ($678,073) for a personal data breach, South Korea's privacy watchdog announced on Thursday.
South Korea's Personal Information Protection Commission (PIPC) penalized PayPal after the firm allegedly neglected the protection of personal data, which led to the leakage of customer information, such as names, addresses and photos, Yonhap News Agency reported.
In December 2021, the personal information of nearly 22,000 PayPal customers was leaked in a hacking attack, followed by another leakage of more than 1,000 customers' personal information through a phishing scam involving an employee's email.
Earlier this year, the service suffered a further "credential stuffing" attack that compromised the personal information of more than 300 customers.
The PIPC said that despite the three rounds of breaches, it found that PayPal had been negligent in managing its security systems and had failed to report the breaches to authorities in a timely manner.
(US$1 = 1359.7362 won)