Photo courtesy of Yonhap News

 

[Alpha Biz= Paul Lee] If LG Uplus is found to have maliciously destroyed evidence following last year’s cyber hacking incident, customers may be entitled to demand waivers of early termination penalties, according to a legal interpretation cited by a South Korean lawmaker.

Kim Jang-gyeom, a member of the National Assembly’s Science, ICT, Broadcasting and Communications Committee, disclosed on Tuesday that the National Assembly Research Service (NARS) concluded such conduct could constitute a company-attributable breach of contract.

In its written response to Rep. Kim, NARS stated that if LG Uplus’s actions—reinstalling and discarding servers immediately after the hacking incident—were intended to erase traces of the breach or obstruct investigations, the conduct could be interpreted as evidence destruction and interference with regulatory probes.

“This deprived users of the opportunity to verify whether their personal data had been leaked and to respond appropriately,” the research body said. “Such conduct undermines the overarching contractual trust inherent in the obligation to provide secure telecommunications services and may therefore qualify as a company fault justifying penalty-free contract termination.”

Server Disposal Raises Controversy

LG Uplus discarded account management servers in late July last year, shortly after the Korea Internet & Security Agency (KISA) requested an inspection following reports of a possible server breach. The timing fueled suspicions that the company may have deliberately concealed evidence related to the hacking incident.

LG Uplus has denied any wrongdoing, maintaining that the server disposal had been planned a year in advance and was unrelated to the hacking investigation.

Key Issue: Inability to Verify Data Leakage

NARS clarified that if the leaked information was limited to internal system management data and did not include personal information, it would not automatically qualify as grounds for penalty waivers. However, the research body emphasized that LG Uplus’s disposal of the servers made it impossible to determine precisely what type of data had been compromised.

Rep. Kim’s office noted that this inability to verify the scope of the breach itself constitutes a serious issue, as users were effectively prevented from assessing risks and taking protective measures.

The controversy adds pressure on LG Uplus as regulators and lawmakers continue to scrutinize corporate accountability and user protection standards in the wake of major cybersecurity incidents.

 

 

 

[ⓒ AlphaBIZ. 무단전재-재배포 금지]