The Personal Information Protection Commission (PIPC) of South Korea has ordered Bithumb to pay a fine of 210 million won (~$136,000). The crypto exchange was penalized for sharing user data with foreign companies without consent.
According to the agency, the violations occurred from September to November 2025. Bithumb shared information from the order book in pairs with USDT.
It was found that the exchange had obtained client permission to share data with the Stellar platform but actually sent it to a platform operated by BingX.
The regulator also identified violations involving transfers to 13 other foreign exchanges. Bithumb transmitted users’ names, birth dates, and wallet addresses without obtaining full consent.
The commission has demanded that Bithumb rectify its data transfer protocols. The agency emphasized that cross-border movement of personal information requires strict legal compliance and protection of data subjects’ rights.
Simultaneously, PIPC released guidelines for blockchain companies. The document considers the technology’s specifics: transparency and the inability to delete records. The regulator recommended not including personally identifiable information, such as names or social security numbers, on-chain.
Earlier, on June 11, the Personal Information Protection Commission of South Korea imposed a record fine of 624.6 billion won on tech giant Coupang following a massive data breach.
