The South Korean Information Regulator has fined major cryptocurrency exchanges for possible leaks of personal information of their customers.

The Korea Communications Commission (KCC) held a general meeting on Tuesday and decided to impose fines on eight virtual currency trading site operators who violated the Information Protection Act. Additionally, they decided to oblige them to take action to prevent data leaks in advance.

Eight exchanges, among them Upbit, Korbit, Coinplug, Coinone, received penalties of 10 million to 25 million won each one. Overall the issued fines totaled at 130 million won ($130,000).

Earlier, the KCC along with the Ministry of Science, Technology, and Information and the Korea Internet Development Agency checked the security systems of 10 national cryptocurrency exchanges.

“While the number of transactions and users is growing, overall user protection measures are insufficient. Operators failed to comply with basic protection measures such as the establishment and operation of access control devices and the establishment of password rules for personal information handlers,” The Korea Communications Commission said in a statement.

The biggest fines were issued to Coinone and Yapian ($25,000 to each one). The two companies did not comply with privacy measures, such as storing account number encryption. Korbit was fined $20,000 for personal information breach detection, including transferring personal information outside the country. Upbit also received penalty totaling at $20,000.

According to the regulator's decision, all exchanges were ordered to implement corrective measures within 30 days and submit the result to the KCC.