Yazılar

Louis Vuitton Korea Confirms Customer Data Leak Following Systems Breach

/in /tarafından

Louis Vuitton Korea, a unit of the luxury conglomerate LVMH (LVMH.PA), announced on Friday that a systems breach in June led to the unauthorized leak of some customer data, including contact details. The company confirmed that financial information was not compromised.

Incident Details

  • The breach involved unauthorized third-party access to Louis Vuitton Korea’s system.

  • The company became aware of the incident on Wednesday and has since notified government authorities.

  • Immediate steps were taken to contain the breach and enhance system security.

Broader Context

  • The South Korean units of other LVMH brands, Christian Dior Couture and Tiffany, are also under investigation by South Korea’s Personal Information Protection Commission for earlier reported customer data leaks.

  • These incidents have heightened scrutiny on data security practices within luxury brands operating in South Korea.

South Korea Fines SK Telecom Over Massive Data Breach Affecting Millions

/in /tarafından

South Korean authorities on Friday penalised SK Telecom, the country’s largest mobile operator, for its failure to prevent a massive data leak involving nearly 27 million pieces of user data, blaming the company for negligence and failure to meet regulatory standards.

Government Findings and Penalties

The Ministry of Science and ICT found that SK Telecom did not adequately protect USIM (universal subscriber identity module) data and violated cybersecurity regulations. The ministry’s investigation followed SK Telecom’s disclosure in April that it had been the target of a malware attack, leading to the breach.

As a result, SK Telecom faces:

  • A fine of up to 30 million won (~$22,000)

  • A requirement to implement quarterly security audits

  • Mandates for the CEO to directly oversee data governance

  • Increased investment and staffing in cybersecurity

The ministry called the situation a “wake-up call” for the nation’s broader digital infrastructure and urged stronger protections across the telecom sector.

Company Response and Compensation Measures

Following the announcement, SK Telecom said it would invest 700 billion won (~$513 million) over the next five years to bolster data protection. The company also offered:

  • A 50% discount on August subscription fees for its 24 million customers

  • Free USIM replacements to all affected users at 2,600+ retail stores

  • A public apology from CEO Ryu Young-sang, who said the company takes full responsibility for the incident

To reflect the financial impact, SK Telecom has cut its 2025 revenue forecast by 800 billion won, citing approximately 500 billion won in costs linked to the customer compensation package.

Broader Fallout and Public Concern

The breach has caused widespread alarm among SK Telecom’s 23 million active users, many of whom fear the potential theft of personal and financial information. As of late June, around 9.39 million users had replaced their USIM cards in response.

SK Group Chairman Chey Tae-won also apologised last month, vowing to take responsibility and restore public trust.

South Korea’s handling of the incident is likely to influence future regulatory scrutiny and standards in the country’s telecom and tech sectors, as data privacy becomes an increasingly critical issue in both corporate accountability and public confidence.

US SEC and SolarWinds Reach Preliminary Settlement in Cyberattack Lawsuit

/in /tarafından

The U.S. Securities and Exchange Commission (SEC) has reached a deal in principle with SolarWinds Corp and its chief information security officer, Timothy Brown, to settle litigation related to a Russia-linked cyberattack on the software company. The agreement was revealed in a court filing on Wednesday.

SolarWinds, the SEC, and Brown jointly requested a federal judge to pause court proceedings while they finalize the settlement paperwork, which the judge approved. The case centers around the “Sunburst” cyberattack, which lasted two years and targeted SolarWinds, based in Austin, Texas.

The SEC accused the company and its security officer of defrauding investors by hiding security vulnerabilities. However, much of the SEC’s case was dismissed last year by U.S. District Judge Paul Engelmayer, who criticized the claims as relying on hindsight and speculation.

Both the SEC and SolarWinds declined to comment on the settlement details beyond public filings. SolarWinds expressed satisfaction with the potential resolution and a desire to focus on its business operations moving forward.

The parties plan to file the final settlement documents or a joint status report by September 12.