South Korea Fines Matchmaking Service Duo $815,000 Over 2025 Data Breach

South Korea's Personal Information Protection Commission ordered Duo to pay the fine after discovering that hackers accessed its membership database in January 2025. The breach exposed weight, blood type, marital status, phone numbers, addresses, schools, workplaces, citizenship ID numbers and passwords. The agency said Duo did not put adequate safeguards in place and was slow to respond once the intrusion was detected.

The fine amounts to 1.21 billion won, roughly $815,400, and hackers copied data from over 420,000 current and former members. Duo acknowledged the regulator's findings and said it deeply regrets failing to protect members' personal data. The commission also noted that Duo kept information of nearly 300,000 members for more than five years, violating deletion rules.

Duo must now improve its data security practices and fully disclose the incident to affected users. Users may watch for any follow‑up notices from Duo, potential class‑action claims, and whether the commission imposes additional penalties if corrective steps fall short. The case signals stricter enforcement of South Korea's data protection rules for online services handling sensitive personal information.