# Lotte Card faces $3M penalty and 4.5-month suspension over 2.97M customer data breach

_Thursday, April 9, 2026 at 6:15 AM EDT · Cybersecurity, Policy · Latest · Tier 1 — Major_

![Lotte Card faces $3M penalty and 4.5-month suspension over 2.97M customer data breach — Primary](https://koreajoongangdaily.joins.com/resources/images/common/ja_opengraph_img.png)

South Korean financial authorities have imposed a $3 million penalty and a 4.5-month business suspension on Lotte Card, the credit card unit of retail conglomerate Lotte Group, following a data breach that exposed the personal information of 2.97 million customers.

The Financial Supervisory Service announced the sanctions after determining the company failed to implement adequate security measures to protect customer data. The breach represents one of the largest credit card data incidents in South Korean history.

Under the suspension, Lotte Card will be barred from issuing new credit cards and acquiring new merchant accounts for the 4.5-month period beginning in May. Existing cardholders will retain full access to their accounts and services.

Regulators found the breach stemmed from vulnerabilities in the company's data management systems, which allowed unauthorized access to sensitive customer information including names, contact details, and transaction records.

The penalty and suspension reflect South Korea's increasingly strict approach to data protection enforcement, following a series of high-profile breaches at major financial institutions in recent years. Lotte Card has stated it is reviewing the regulatory decision and may appeal the sanctions.

## Sources

- [Korea JoongAng Daily](https://koreajoongangdaily.joins.com/news/2026-04-09/business/finance/Lotte-Card-to-Face-4.5-Month-Suspension-Over-2.97M-Data-Leak/2250604)

---
Canonical: https://techandbusiness.org/newswire/a0FPCi5tjsU2FdkevkR52w
Retrieved: 2026-04-21T18:11:40.639Z
Publisher: Tech & Business (techandbusiness.org)