South Korea’s largest online retailer, Coupang, has issued a public apology following a massive data breach that compromised the personal information of 33.7 million customers. The company confirmed that its internal systems were subject to unauthorised access, resulting in the exposure of sensitive user data. The incident has raised significant concerns across the country, prompting swift scrutiny from government authorities and cybersecurity officials.
What did the Coupang chief say?
Park Dae-jun, the chief executive of the e-commerce giant often compared to Amazon in South Korea, addressed the situation through a statement posted on the company’s website. He expressed deep regret for the anxiety and inconvenience caused to customers, noting that the company is cooperating fully with police and regulatory bodies as investigations progress.
Government launches investigation
The scale of the breach triggered an emergency meeting led by the Ministry of Science and ICT, which is now examining whether Coupang failed to comply with national data protection regulations. Minister Bae Kyung-hoon stated that officials are currently reviewing the company’s data handling practices, security protocols, and adherence to guidelines designed to safeguard personal information.
Details of the Coupang data breach
According to Coupang, the breach was detected on 18 November, after which authorities were promptly notified. The compromised data includes customer names, contact numbers, email addresses, shipping details, and segments of order histories. Importantly, the company confirmed that payment data and login credentials were not accessed. Coupang also revealed that the intrusion is believed to have started on 24 June and involved overseas servers.
Former employee suspected
In a development reported by Yonhap News Agency, police are investigating a former Chinese employee of the company in relation to the breach. Coupang has lodged a complaint with law enforcement, though further details have not yet been disclosed as the investigation remains ongoing.
Wider concerns over corporate security
This incident adds to a rising number of high-profile data breaches affecting major companies in South Korea, including telecom operators. Cybersecurity authorities have reiterated that such events underscore long-standing vulnerabilities across corporate IT infrastructures. The government has also cautioned affected customers to be vigilant about phishing attempts, suspicious messages, and unknown links, urging them to closely monitor their accounts for any unusual activity.
