Incruit, a company operating a job information website, lost its first trial in a lawsuit seeking to revoke a fine imposed for leaking 35,000 job seekers’ personal information.
In September 2020, a hacker accessed Incruit’s job information website, resulting in the leakage of approximately 35,000 job seekers’ personal data.
The Personal Information Protection Commission (PIPC) determined that Incruit had neglected security measures, such as failing to implement policies to block unauthorized access to the site. In 2023, the commission imposed a fine of 70.6 million KRW and a penalty of 3.6 million KRW on Incruit.
Incruit filed a lawsuit in October of that year to contest the fine.
However, South Korea still tends to favor corporate interests.
Fines imposed on companies for wrongdoing are generally low, and when companies cause harm, such as leaking personal information, they rarely provide compensation to individuals.
