LG Uplus CI

<이미지를 클릭하시면 크게 보실 수 있습니다>

South Korea plans to toughen data-security requirements for major corporations after LG Uplus Corp. accidentally exposed user call data on its AI call service, renewing public concern over the mobile sector’s data-protection practices.

According to multiple sources from the telecommunications industry on Sunday, data on call summaries, recipient phone numbers, and call times for 36 users were shared with 101 other users who had newly downloaded or re-downloaded the ixi-O app from 8 p.m. on December 2 to 10:59 a.m. on December 3.

LG Uplus said the issue stemmed from a cache-configuration error during server upgrades, not from a breach, and reported the incident to the Personal Information Protection Commission on Saturday.

In response to the latest string of data security lapses, the government plans to overhaul the country’s national certification for organizations, known as the Information Security Management System and Privacy (ISMS-P).

The Ministry of Science and ICT and the Personal Information Protection Commission said after a joint meeting on Saturday that ISMS-P certification, previously optional, will become mandatory for major personal-data systems operated by public agencies, wireless providers, and large online platforms.