On Sunday, Coupang, South Korea’s largest online retailer, apologized after the personal data of 33.7 million customers was accessed without permission. CEO Park Dae-jun posted a message on the company’s website, saying, We are very sorry to inconvenience our customers once again. Coupang, often called the Amazon of South Korea, is known for its fast Rocket delivery service.
The breach was discovered on November 18 and exposed customer names, email addresses, phone numbers, shipping addresses, and some order history but did not include payment information or passwords. Reports say the unauthorized access started on June 24 using international servers. Police are investigating, and a former Chinese employee of Coupang is suspected to be involved. Coupang has filed a complaint and is working with authorities and regulators.
The South Korean government held an emergency meeting to determine if Coupang violated personal information protection laws. Minister of Science and ICT Bae Kyung-hoon said officials are reviewing the case. Meanwhile, the Korea Internet & Security Agency warned affected customers to watch out for possible phishing attacks.
This is not the first time a major South Korean company has faced a data breach; SK Telecom was also affected in the past. These incidents show that companies in the country still face cybersecurity challenges. Coupang reported 24.7 million active users in the third quarter, highlighting the scale and impact of the breach.