Coupang, South Korea’s dominant e-commerce and logistics powerhouse, is facing one of the most severe cybersecurity crises in its history after confirming a data breach that compromised the personal information of nearly 34 million people—more than half of the nation’s population. The fallout has already prompted major leadership changes at the company.
Park Dae-jun, who served as chief executive of Coupang, has officially stepped down following growing scrutiny and public anger over the scale of the breach. In a formal statement, Park expressed remorse and acknowledged “a deep sense of responsibility for the outbreak and the subsequent recovery process.” His departure underscores the gravity of the situation and the intense pressure placed on corporations in South Korea to safeguard consumer data.
Coupang has moved quickly to fill the leadership gap. Harold Rogers, chief legal officer of the company’s U.S.-based parent entity, has been appointed as the new CEO, according to a translated statement from the company. Rogers steps into the role at a moment of heightened regulatory and public focus on cybersecurity resilience.
A Breach Months in the Making
The retail giant initially reported in November that approximately 4,500 customers had their data stolen. However, internal investigations later revealed a far deeper and earlier intrusion. The breach reportedly began in June and expanded undetected for months, ultimately affecting close to 34 million individuals. The compromised information is believed to include sensitive personal details that could leave millions vulnerable to fraud or identity theft.
Coupang, often described as the “Amazon of South Korea,” operates an immense digital ecosystem powered by logistics automation, fast delivery networks, and vast amounts of customer data. Its scale has made it a central target for cybercriminals seeking high-value information.
Part of a Wider National Cybersecurity Strain
The Coupang incident adds to a growing list of cybersecurity failures in South Korea this year. Both private corporations and government agencies have faced breaches, outages, and large-scale disruptions. A major data center fire earlier in the year resulted in irretrievable losses of government records, raising urgent questions about digital infrastructure oversight and disaster preparedness.
The combined impact of these events has prompted calls for tighter regulations, more robust cybersecurity frameworks, and increased accountability for large enterprises handling sensitive public data.
Coupang’s Road Ahead
As the company works to stabilize operations and rebuild trust, attention is now shifting to how the new leadership will address security vulnerabilities and prevent future breaches. Analysts expect stronger investment in cybersecurity architecture, transparent communication with regulators, and potentially new oversight mechanisms across the organization.
The breach represents one of South Korea’s most significant data security failures in recent years one that may reshape digital governance standards across both corporate and public sectors.