Incident Overview: Sensitive Information Exposed Without De-identification
A personal data breach has occurred at the Love of Sharing, the nation's largest fundraising organization under the Community Chest of Korea. A security flaw was discovered in 2024 financial documents posted on the official website. The names and resident registration numbers of celebrity high-value donors, which should have undergone de-identification processing, were published without any redaction. This is being evaluated as an unprecedented incident that could shake public confidence in the donation culture overall.
The exposed information affects approximately 600 individuals, including members of the Honor Society who donated 20 million won or more. The organization belatedly discovered this fact during an internal review process and immediately took steps to delete the relevant documents. However, it is understood that the documents had already been exposed online for a considerable period of time.
Affected Parties and Concerns Raised
The impact of this personal data breach has significantly widened as many high-profile celebrity donors beloved by the public were among those affected. As the resident registration numbers of celebrities who have consistently engaged in charitable activities became publicly available online, concerns about secondary damage such as identity theft and voice phishing scams are spreading throughout society. With sensitive information of individuals across various sectors, including business and political figures, exposed externally, significant difficulties in rebuilding trust are anticipated.
In particular, donors who have engaged in charitable activities in good faith are now at risk of becoming targets for crime, and movements to abandon future donations have been detected. This reaction from donors demonstrates that proactive measures at the organizational level are essential to restore once-damaged trust.
Initial Response Measures by the Organization
The Love of Sharing established an emergency response team immediately after confirming the personal data breach and began crisis management. The organization is providing individual guidance to affected parties and actively offering information on methods to prevent identity theft-related damages. However, complete recovery of data already circulated online is technically nearly impossible, and concerns from victims persist.
Legal Action and Measures to Prevent Recurrence
Love of Sharing is carefully investigating the exact circumstances of the personal data breach and is proceeding with reporting procedures to relevant agencies, including the Korea Internet & Security Agency, in accordance with applicable laws. It is known that a rigorous internal investigation is underway regarding the public posting of materials containing sensitive resident registration numbers. Thorough verification is being conducted to determine whether this incident was a simple mistake or resulted from systematic security management failures.
The organization has stated that it will restore public trust by completely revamping the security system and strengthening data management manuals. Moving forward, concrete process improvements in personal information protection will be promoted along with enhanced security awareness within the organization to prevent similar incidents from recurring.
This content is general information compiled based on publicly available materials. Please check official announcements from relevant agencies for accurate details.
