Lotte Card faces $3M penalty and 4.5-month suspension over 2.97M customer data breach

South Korean financial The Financial Supervisory Service announced the sanctions after determining the company failed to implement adequate security measures to protect customer data. The breach represents one of the largest credit card data incidents in South Korean history. Under the suspension, Lotte Card will be barred from issuing new credit cards and acquiring new merchant accounts for the 4.5-month period beginning in May. Existing cardholders will retain full access to their accounts and services. Regulators found the breach stemmed from vulnerabilities in the company's data management systems, which allowed un The penalty and suspension reflect South Korea's increasingly strict approach to data protection enforcement, following a series of high-profile breaches at major financial institutions in recent years. Lotte Card has stated it is reviewing the regulatory decision and may appeal the sanctions.