Following a massive credit card data breach in 2014, South Korea has enacted stricter penalties for credit information and credit card companies that violate personal data protection laws.  The National Assembly has amended the Use and Protection of Credit Information Act to require credit information companies to pay damages for personal data breaches and for mishandling customer data.  In addition, the Financial Services Commission has doubled the penalty for credit card companies that lose customer data under the Specialized Credit Financial Business Act, extending the period of business suspension to six months