TAIPEI (Taiwan News) — Listed companies in Taiwan will be subject to a fine of up to NT$5 million (US$162,111) if they fail to disclose major cybersecurity events, the financial regulator said on Thursday (March 10).

The warning comes following a spate of high-profile cyberattacks in the private sector involving leaks of data of tens of thousands of customers. It is mandatory that firms trading on the Taiwan Stock Exchange (TWSE) and Taipei Exchange (TPEx) publish information about events of significance that can impact share prices.

Cybersecurity incidents are categorized as such events, while failing to reveal relevant information two hours before the trading session the next day will be deemed a violation. This could incur a fine of somewhere between NT$30,000 and NT$5 million, said Huang Ho-ming (黃厚銘), an official of the Financial Supervisory Commission’s Securities and Futures Bureau.

The bureau has asked listed corporations to add supervisory positions managing information security. Companies are also invited to join the Taiwan Computer Emergency Response Team/Coordination Center (TWCERT/CC), which helps deal with cybersecurity incidents in the private sector.

Last month, Taipei-based Breeze Center, a department store chain, was hacked and saw the personal data of 900,000 customers exposed. It came on the heels of stolen data reports from car rental service providers, including iRent and Car-Plus, as well as China Airlines, Taiwan’s national carrier.