DUO A.I CyberSecurity Scoring
DUO
Company Information
Website:https://duo.nl/organisatie/werken-bij-duo/
Employees number:2,879
Number of followers:28,725
NAICS:92
Industry Type:Government Administration
Homepage:duo.nl
DUO Risk Score (AI oriented)
Between 600 and 649
DUOGovernment Administration
Updated:
24/04/2026
24/04/2026
616/1000
Poor
Caa
DUO Global Score (TPRM)
xxxx
DUOGovernment Administration
Score locked

DUOPoor
Current Score
616Caa (POOR)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
624
JUNE 2026
622
MAY 2026
618
APRIL 2026
616
MARCH 2026
614
FEBRUARY 2026
611
JANUARY 2026
608
DECEMBER 2025
605
NOVEMBER 2025
602
OCTOBER 2025
599
SEPTEMBER 2025
596
AUGUST 2025
593
JANUARY 2025
769
Breach
01 Jan 2025 • DUO
Duo: Victims of matchmaking company's data breach criticize fine as too lenient
Duo Data Breach Exposing 427,464 Members' Personal Information
564
CRITICAL-205
DIE1776997525
South Korea’s Duo Faces Backlash Over $810K Fine for Massive Data Breach
South Korea’s largest matchmaking company, Duo, has been fined 1.2 billion won ($810,000) by the Personal Information Protection Commission (PIPC) for a 2023 data breach that exposed the personal information of 427,464 members. The incident, which occurred in January 2023, stemmed from a hack of an employee’s work computer, compromising 24 types of sensitive data, including names, residential addresses, email addresses, educational backgrounds, and blood types.
Authorities determined that Duo’s security measures were inadequate, citing unrestricted failed authentication attempts leaving the database vulnerable to brute-force attacks and weak encryption for passwords and resident registration numbers. The PIPC also imposed an additional 13.2 million won ($9,600) administrative penalty for the company’s failure to destroy data, report the breach, and notify affected customers promptly.
The fine, calculated at 3% of Duo’s average annual revenue (41.3 billion won over three years), was reduced under mitigation provisions for small- and medium-sized enterprises. However, public criticism has mounted, with many arguing the penalty roughly 3,000 won ($2.20) per victim is disproportionate to the breach’s scale. Under upcoming revisions to the Personal Information Protection Act, fines for severe or repeated violations will increase to 10% of revenue starting in September 2024, though Duo’s case was assessed under the previous standard.
Duo issued a public apology, stating it had strengthened security measures and confirmed that no secondary damage from the leak has been reported. However, Gangnam District, which oversees the company, plans an on-site inspection next week, with potential additional fines or business suspension pending the findings.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for DUO ??
What was DUO's A.I Rankiteo Cyber Score in June 2026 ??
What was DUO's A.I Rankiteo Cyber Score in May 2026 ??
What was DUO's A.I Rankiteo Cyber Score in April 2026 ??
What was DUO's A.I Rankiteo Cyber Score in March 2026 ??
What was DUO's A.I Rankiteo Cyber Score in February 2026 ??
What was DUO's A.I Rankiteo Cyber Score in January 2026 ??
What was DUO's A.I Rankiteo Cyber Score in December 2025 ??
What was DUO's A.I Rankiteo Cyber Score in November 2025 ??
What was DUO's A.I Rankiteo Cyber Score in October 2025 ??
What was DUO's A.I Rankiteo Cyber Score in September 2025 ??
What was DUO's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on DUO's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with DUO ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view DUO's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?