Starbucks fined US$9,000 for Korea personal data breach

Wednesday, July 11, 2018

South Korea's communications regulator has imposed a 10 million-won (US$9,000) fine on Starbucks Coffee Korea Co for disclosing the personal data of hundreds of its customers, an official said.

The Korea Communications Commission said IDs, nicknames and mobile phone numbers of 537 people were disclosed due to a technical glitch in an upgraded version of Starbucks Coffee Korea's mobile app, Yonhap reports.

The upgraded version was meant to strengthen security, the official said.

He said the commission plans to send a formal notice to Starbucks Coffee Korea in about a month and the coffee giant is required to pay the fine within 60 days.

Starbucks Coffee Korea has told the commission that there were no problems in its tests before the launch of its new mobile app and the program error was not something that it could expect, according to the commission source.

Still, the commission did not accept Starbucks Coffee Korea's explanation and said that the coffee giant violated the country's law on protection of personal information.

A Starbucks Coffee Korea official admitted that personal information was compromised and that the company has since strengthened security to ensure a similar breach does not recur.

Both the commission and Starbucks Coffee Korea officials asked not to be identified.