South Korean telecommunication conglomerate LG Uplus announced on Thursday that the company will increase its cybersecurity spending by three folds, which amounts to 100 billion won (approximately $80 million), acknowledging its failure to protect the personal information of customers and maintain the availability of networks against malicious actors.
Hwang Hyeon-sik, CEO at LG Uplus, held a press conference on February 16 to share the company’s security improvement plans with the public. He also apologized for the recent incidents that exposed the personal information of 290,000 customers to black hat hackers and interrupted the business operations that used the company’s network due to the collapse caused by distributed denial-of-service (DDoS) attacks.
“Experiencing the latest cyber incidents, we have realized that our efforts to protect customers were not enough and various strategies should be developed in order to restore the trust from our customers,” said Hwang. “We are doing our best to prevent further harm to our customers and find the initial cause of current breaches, cooperating with law enforcement through the investigation.”
In the press conference, LG Uplus disclosed the details of the security improvement plan, which the company named “Cyber Safety Innovation Agenda.” It includes hiring more cybersecurity experts in the firm, elevating the cybersecurity division to the office under the direct supervision of the CEO, and forming a committee on information security which consists of diverse professionals from institutions and academia. In addition, LG Uplus plans to launch hacking contests and conduct penetration testing with an aim to inspect its security status.
The company’s pledge to invest in cybersecurity is very dramatic transition, considering that its current investment in cybersecurity is slightly below 30 billion won ($22 million), which puts LG Uplus tenth on the list of information security investment among South Korean companies. When LG Uplus starts pouring 100 billion won into its information security this year, the company will jump directly into third place, surpassing SK Telecom and Coupang.
LG Uplus is expecting that the cybersecurity spending will be even greater than 100 billion won because the firm will be obliged to compensate its customers for damage related to the current incidents once the government’s investigation is concluded. “The compensation for our customers and the investment in cybersecurity are two different agendas, and we believe that we will need 100 billion won worth of funding to prepare for our future concerning information security,” told Hwang to The Readable.
Since the beginning of this year, LG Uplus has gone through several security breaches. Last month, malicious actors claimed that they had infiltrated the company’s inner system and succeeded in stealing the personal information of its customers. Moreover, anonymous hackers tried to freeze the company’s network by imposing DDoS attacks, which paralyzed users’ operating systems at least twice earlier this month.
Multiple government agencies in South Korea, such as the Personal Information Protection Commission and the National Police Agency, have been looking into LG Uplus through a joint investigation.