Boram Sangjo fined in South Korea for poor data security, oversight failures
( May 14, 2026, 03:52 GMT | Official Statement) -- MLex Summary: Funeral services group Boram Sangjo was hit with fines and penalties totaling about 554 million won ($371,000) by South Korea’s privacy regulator over a customer-data breach linked to inadequate security measures and poor oversight of outsourced data processing. The Personal Information Protection Commission said Boram Sangjo Development centrally managed customer data for six group affiliates but failed to ensure adequate security controls, allowing hackers to exploit a SQL injection vulnerability and steal names, mobile-phone numbers and emails. The regulator also found delayed breach notifications, failure to delete expired personal data and inadequate affiliate oversight of outsourced processing.Statement is attached (in Korean)....
Prepare for tomorrow’s regulatory change, today
MLex identifies risk to business wherever it emerges, with specialist reporters across the globe providing exclusive news and deep-dive analysis on the proposals, probes, enforcement actions and rulings that matter to your organization and clients, now and in the longer term.
Know what others in the room don’t, with features including:
- Daily newsletters for Antitrust, M&A, Trade, Data Privacy & Security, Technology, AI and more
- Custom alerts on specific filters including geographies, industries, topics and companies to suit your practice needs
- Predictive analysis from expert journalists across North America, the UK and Europe, Latin America and Asia-Pacific
- Curated case files bringing together news, analysis and source documents in a single timeline
Experience MLex today with a 14-day free trial.