Matchmaking firm Duo fined $810,000 over data leak

Logo of matchmaking firm Duo / Captured from Duo on YouTube

The data protection regulator said Thursday it has fined leading matchmaking company Duo more than 1.2 billion won ($810,000) over a data leak involving the personal information of nearly 430,000 members.

The leaked information included IDs, passwords, names, birth dates and addresses, as well as members' heights, weights, religion, previous marriage experience and other family and professional details, according to the Personal Information Protection Commission.

The breach occurred in January last year when an employee's work computer was hacked, but the company had failed to notify authorities for three days without justification, the commission said.

Under the law, businesses and other entities in South Korea are required to notify authorities of possible data leaks immediately after they become aware.

The company was also found to have violated its responsibility to implement data protection measures, such as by not restricting access to its database in the event of multiple failed entry attempts.

The regulator said it imposed a penalty of 1.2 billion won on the company, as well as a fine of 13.2 million won, and ordered it to immediately notify affected members of the leak.

It further ordered the company to strengthen data protection measures, review its personal information processing methods to minimize the collection of data and disclose the fine on its website.

Source: Korea Times News