The data breach at the online streaming service Tving has affected approximately 19.53 million users.
On June 22, Representative Lee Jeong-heon of the Democratic Party reported that data from the Personal Information Protection Commission and the Ministry of Science and ICT confirmed the scale of the breach.
This incident marks the fourth largest data breach in South Korea, following those of Coupang (about 37.56 million), Cyworld and Nate (about 35 million), and SK Telecom (about 23.24 million).
The leaked data reportedly includes usernames, names, birth dates, passwords, refund account numbers, linked information (CI), and duplicate membership verification information (DI). Analysts warn that CI and DI are difficult to change, raising concerns about potential identity theft and secondary damage.
The government is currently investigating why the number of affected individuals significantly exceeds Tving's paid subscriber count of about 5 million and its monthly active user count of 8.82 million as of May. They are also examining whether the data breach includes information from former members, dormant accounts, or accounts created through partner services.
Authorities are also reviewing whether Tving's response to the incident was adequate. Representative Lee pointed out that Tving detected unusual signs on May 30 but only confirmed the external transmission of large files on June 2. This timeline is expected to be scrutinized during the government's investigation.
Tving has expressed its regret over the incident, stating, "We sincerely apologize for causing concern to our customers. We are currently conducting a joint investigation with the government to determine the cause of the incident, the scale of the breach, and its impact, and we will swiftly implement customer protection measures and fulfill our responsibilities for necessary support and compensation."
* This article has been translated by AI.
Copyright ⓒ Aju Press All rights reserved.