South Korea fines Louis Vuitton, Christian Dior, Tiffany $25M for SaaS security failures
TL;DR
South Korea fined Louis Vuitton, Christian Dior, and Tiffany $25 million for failing to secure customer data on a SaaS platform, affecting over 5 million customers due to security breaches.
Source: CSO
Vishing involved in two of three breaches against Korean subsidiaries of prominent luxury brands impacting more than 5 million customers in total. South Korea’s data protection authority has handed down a combined KRW 36 billion ($25 million USD) in administrative fines to the local subsidiaries of three global luxury houses, after finding they failed to implement basic security controls while managing customer data through a SaaS platform. The Personal Information Protection Commission (PIPC), South Korea’s top privacy regulator, announced on Feb. 12 that it levied a total of KRW 36.033 billion in fines and KRW 10.8 million in additional penalties against Louis Vuitton Korea, Christian Dior Couture Korea, and Tiffany Korea for violations of the country’s Personal Information Protection Act (PIPA). Full Story