The Financial Supervisory Service (FSS) has decided to impose a four-and-a-half-month business suspension on Lotte Card over a massive personal data breach. Once the Financial Services Commission (FSC) finalizes the penalty at its plenary meeting, significant damage to Lotte Card's operations is expected to be unavoidable.
According to financial industry sources on the 30th, the FSS held a sanctions review committee meeting that day and decided on a 4.5-month business suspension for Lotte Card.
Earlier in early April, the FSS had given Lotte Card preliminary notice of heavy sanctions, including the 4.5-month business suspension. The FSS held an initial sanctions review on the 16th but failed to reach a conclusion.
At the second sanctions review held on this day, Lotte Card CEO Chung Sang-ho and former CEO Cho Jwa-jin personally appeared to present their case. They reportedly requested a reduction in sanctions, citing that the company had reported the hacking damage in advance and worked to minimize harm.
However, the sanctions committee confirmed the preliminary notice as is. This is interpreted as reflecting the fact that the breach recurred after a 2014 incident in which 26 million pieces of personal information leaked from Lotte Card.
The final level of sanctions will be determined at an upcoming FSC plenary meeting. Should the FSC impose a similar level of discipline, a negative impact on Lotte Card's earnings is anticipated. A business suspension blocks new member recruitment and new card loan issuance.
Lotte Card's membership fell 10% in 2014, when it received a three-month business suspension over a personal data leak. Some observers, however, suggest that the level of sanctions could be somewhat eased during FSC deliberations. "Sanctions reviews for Shinhan Card and Woori Card regarding their personal data leaks are also scheduled soon," a financial industry official said. "The level of discipline for Lotte Card will serve as an important benchmark for the card industry."
