The Fourth Largest Personal Data Breach in South Korean History

The number of individuals affected by the personal data breach at TVING, the online video service (OTT) operated by CJ ENM, has been confirmed to reach 19.53 million. This figure is over 6.5 million higher than the government's initial estimate of approximately 13 million released immediately after the incident.


TVING Data Breach Affects 19.53 Million... Up 6.5 Million from Initial Estimate View original image

According to Yonhap News on June 22, data submitted to Assemblyman Lee Jungheon’s office by the Personal Information Protection Commission and the Ministry of Science and ICT revealed that the number of victims in the TVING personal data breach has reached 19.53 million to date. This makes it the fourth largest personal data breach in South Korea’s history, following Coupang (about 37.56 million), Cyworld·Nate (about 35 million), and SK Telecom (about 23.24 million).


The data shows that user IDs, names, dates of birth, passwords, refund account numbers, connection information (CI), and duplicate subscription verification information (DI) were leaked. There are particular concerns regarding CI and DI, as these are difficult to change, raising the risk of secondary damages such as identity theft.


The government is reportedly investigating why the number of records leaked greatly exceeds TVING’s number of paid subscribers (about 5 million) and its monthly active users (MAU, 8.82 million as of May). Authorities are also checking whether information from withdrawn members, dormant accounts, or accounts created through partner services was included in the breach.


The government is also examining the adequacy of the response process after the breach was detected. Assemblyman Lee pointed out that although TVING detected suspicious signs on May 30, the company did not confirm the external transfer of a large file until June 2.


However, these details are expected to be finally confirmed during the government’s ongoing investigation.



A TVING representative stated, "We sincerely apologize once again for the concern caused to our customers by this incident," adding, "A joint public-private investigation team is currently looking into the cause, scale, and scope of the breach, and we will promptly implement customer protection measures and fulfill all responsibilities, including providing necessary support and compensation."


This content was produced with the assistance of AI translation services.

© The Asia Business Daily. All rights reserved. Unauthorized AI training and use prohibited.

Today’s Briefing