A delivery vehicle is parked at a Coupang logistics center in Seoul. According to the retail industry, reports have been mounting online of login attempts, smishing attacks, and other incidents following the “Coupang data leak” episode. (Yonhap)
SEOUL, Dec. 6 (Korea Bizwire) — The government unveiled plans Saturday to toughen the management and screening process for the state-certified information security system amid growing personal data breaches at authorized companies, such as Coupang.
The Personal Information Protection Commission and the Ministry of Science and ICT discussed the measures during an interagency meeting earlier in the day, as public distrust has grown over data security protection following the massive personal data breach at e-commerce giant Coupang.
Coupang recently disclosed that personal information belonging to over 33 million customers had been leaked and remained undetected for months, heightening privacy concerns in one of the world’s most advanced information technology nations.
Coupang’s massive data breach is the latest in a series of similar incidents at South Korean companies, including top mobile carrier SK Telecom.
Saturday’s meeting concluded that the government will push to make the Information Security Management System (ISMS) a requirement for all companies engaged in relevant businesses, such as telecommunication and platform, officials said.
Currently, the ISMS and the ISMS-P — the security system for personal information — are certified by the government upon an operator’s voluntary application.
The government will also conduct thorough post-screening of the responsible company in the event of a data breach and cancel the ISMS certification if the case is deemed severe.
The government will push to revise related laws for the system overhaul.
The screening process for the initial ISMS certification will also be toughened, including preliminary evaluations and on-site inspections, among other measures.
(Yonhap)
