[Alpha Biz= Paul Lee] Seoul, South Korea — Victims of the Lotte Card data breach, which exposed the personal information of 2.97 million customers in August, have filed seven separate lawsuits seeking damages. Plaintiffs argue that the company’s inadequate data protection practices put them at significant risk and are demanding KRW 500,000 per person in compensation.

According to Lotte Card on December 3, the most advanced of the seven ongoing class-action lawsuits is led by law firm Doul, representing 2,725 plaintiffs. Regardless of the extent of each individual’s data exposure, plaintiffs insist that all affected customers should receive KRW 500,000 in damages.

A Doul attorney stated, “The mere fact that personal data was leaked exposes customers to serious risk. Leaving customer information poorly protected constitutes an unlawful act, making the company liable for damages.”

The case draws comparisons to the 2014 credit card data leak, in which 104 million records were exposed across Lotte Card, NH Nonghyup, and KB Kookmin Card. At that time, Korean courts ordered companies to pay up to KRW 100,000 per person. Doul argues that compensation amounts must be adjusted upward to ensure companies recognize the necessity of strengthening cybersecurity.

Additional class-action lawsuits continue to recruit participants, meaning the number of plaintiffs may grow.

Regulatory action by financial authorities is not expected until next year. Lotte Card recently submitted its response to the Financial Supervisory Service (FSS) following an inspection. The FSS is now preparing documentation for a sanctions review committee. Industry officials expect heavier penalties—including possible business suspension and fines—given that the scope of leaked credit information exceeds that of the 2014 incident.

 

 

 

[ⓒ 알파경제. 무단전재-재배포 금지]