LG Uplus reports data exposure from AI voice app glitch

Jie Ye-eun 2025. 12. 7. 11:04
음성재생 설정 이동 통신망에서 음성 재생 시 데이터 요금이 발생할 수 있습니다. 글자 수 10,000자 초과 시 일부만 음성으로 제공합니다.
글자크기 설정 파란원을 좌우로 움직이시면 글자크기가 변경 됩니다.

이 글자크기로 변경됩니다.

(예시) 가장 빠른 뉴스가 있고 다양한 정보, 쌍방향 소통이 숨쉬는 다음뉴스를 만나보세요. 다음뉴스는 국내외 주요이슈와 실시간 속보, 문화생활 및 다양한 분야의 뉴스를 입체적으로 전달하고 있습니다.

LG Uplus headquarters in Yongsan-gu, central Seoul (Yonhap)

LG Uplus, one of Korea’s leading telecommunications providers, said Sunday that a temporary technical error with its AI-based voice call app ixi O led to the inadvertent exposure of limited user information earlier this week.

The company said the issue stemmed from a misconfigured caching system implemented during recent service optimization efforts. The glitch resulted in unintended users gaining partial access to certain call records, including fragments of recipient phone numbers, call timestamps and AI-generated conversation summaries.

The incident reportedly affected 36 users whose call-related data was exposed to 101 individuals who had newly installed or reinstalled the ixi O app between 8:00 p.m. Tuesday and 10:59 a.m. Wednesday. According to LG Uplus, each affected user’s data was viewed by between one and six unrelated users.

The company stressed that no critical personal identifiers — such as resident registration numbers, passport details or financial data — were included in the exposed information.

LG Uplus became aware of the issue after a customer reported seeing unfamiliar information in the app via the company’s voice of customer channel. The telecom provider said it responded promptly, resolving the problem and blocking further exposure within 30 minutes of detection.

All affected users were individually contacted by phone or text, depending on availability, and informed of the situation.

While the scale of the leak fell below the mandatory reporting threshold of 1,000 individuals and did not involve sensitive personal data as defined under Korea’s Personal Information Protection Act, LG Uplus said it voluntarily reported the incident to the Personal Information Protection Commission within the required 72-hour window.

“It was not the result of any external cyberattack,” an LG Uplus official said. “We sincerely apologize for the inconvenience and concern this may have caused, and we will fully cooperate with the authorities as they review the case.”

A joint public-private cybersecurity task force currently investigating previous hacking incidents involving LG Uplus has initially assessed this latest case as unrelated to ongoing probes.

Copyright © 코리아헤럴드. 무단전재 및 재배포 금지.