Crisis Management for a Conflict with North Korea
This is the best North Korea conflict crisis support available today. Predict, plan, build, prepare, train, and test in the right way.
Companies' minimum insurance obligation prompts concern following Coupang, SKT data leaks
Joongang Ilbo | English | News | Dec. 9, 2025 | Privacy
Coupang and SK Telecom recently experienced major customer data breaches affecting tens of millions of users but have each only secured the minimum legally mandated personal information liability insurance of 1 billion won ($680,000). Coupang, insured by Meritz Fire & Marine Insurance, and SK Telecom, insured by Hyundai Marine & Fire Insurance, both face limitations in potential insurance payouts despite the scale of their data leaks involving 33.7 million and 23 million accounts respectively.
The current minimum insurance requirement, mandated under Korea’s Personal Information Protection Act, applies even to large companies with annual revenues exceeding 80 billion won or over 1 million data subjects but is widely regarded by industry insiders as insufficient to cover damages from large-scale breaches. This has raised concerns about the adequacy of compensation for affected customers and the possibility of companies delaying or avoiding payouts due to limited coverage.
There is growing pressure from the insurance sector and related associations to raise the minimum coverage for large firms to 100 billion won to better match the scale of potential damage. Regulatory enforcement of the insurance mandate also faces challenges, as despite fines of up to 30 million won for non-compliance, no penalties have been issued due to difficulties in identifying violators. Compliance rates are low, with estimates indicating that only 2 to 8 percent of businesses required to carry data breach liability insurance have done so as of mid-2025.