South Korea fines matchmaking agency over leak of sensitive user data

South Korea's data protection agency said on Thursday it has fined a matchmaking service over the leak of its members' sensitive personal information, including their weight, blood type and whether they were previously married.



The Personal Information Protection Commission said in a statement the company, Duo, failed to implement adequate measures to safeguard their membership database and was slow to take action after its system was hacked last year.



It ordered Duo to pay a 1.21 billion won ($815,400) fine, take corrective action to improve how it handles personal data and to fully disclose details of the incident.



Hackers gained unauthorised access to the company database in January last year and downloaded private personal information of more than 420,000 current and former members. The data also included phone numbers, addresses, schools graduated from and workplaces, it said.



The commission said Duo also violated regulations on the collection and storage of personal data, such as citizenship ID numbers and passwords, and failed to meet a requirement to delete the information of nearly 300,000 members gathered more than five years ago.