Merck fined in South Korea for data breach due to security flaw

( June 12, 2025, 05:40 GMT | Official Statement) -- MLex Summary: Merck has been fined 86 million won ($62,890) by South Korea’s privacy regulator for a data breach that affected 108 individuals. The Personal Information Protection Commission found that the company had a security flaw in the service that helps users manage medication records for Merck’s pharmaceutical products. The flaw allowed some users to view personal information entered by others. The company also failed to report the breach within 24 hours of becoming aware of it. The PIPC concluded that Merck had not adequately checked for security vulnerabilities and ordered the company to publicly disclose the sanction on its official website. The statement, in Korean, is attached....

Prepare for tomorrow’s regulatory change, today

MLex identifies risk to business wherever it emerges, with specialist reporters across the globe providing exclusive news and deep-dive analysis on the proposals, probes, enforcement actions and rulings that matter to your organization and clients, now and in the longer term.

Know what others in the room don’t, with features including:

Daily newsletters for Antitrust, M&A, Trade, Data Privacy & Security, Technology, AI and more
Custom alerts on specific filters including geographies, industries, topics and companies to suit your practice needs
Predictive analysis from expert journalists across North America, the UK and Europe, Latin America and Asia-Pacific
Curated case files bringing together news, analysis and source documents in a single timeline

Experience MLex today with a 14-day free trial.

Start Free Trial

Already a subscriber? Click here to login

Merck fined in South Korea for data breach due to security flaw

Prepare for tomorrow’s regulatory change, today

Documents

Related Sections