[2026-03-10]South Korea Enacts Stricter Penalties for Major Personal Data Breaches
South Korea has amended its Personal Information Protection Act to address repeated or major data breaches.
The new law imposes punitive fines up to 10% of total revenue and strengthens CEO and CPO responsibilities.
The amendments take effect September 11, 2024, with ISMS-P certification mandatory from July 1, 2025.