A massive data breach has struck South Korean e-commerce giant Coupang, compromising the personal information of nearly 34 million customers in the country. The breach, which is believed to have begun on June 24, 2025, via overseas servers, was first detected on November 18, when the company discovered the unauthorized exposure of 4,500 user accounts. However, a subsequent investigation revealed that the breach had actually affected a staggering 33.7 million customer accounts.
The leaked information includes customers’ names, email addresses, phone numbers, shipping addresses, and certain order histories. Fortunately, more sensitive data such as payment information, credit card numbers, and login credentials remains secure. Coupang has reported the incident to the relevant authorities, including the Korea Internet & Security Agency, the Personal Information Protection Commission, and the National Police Agency.
The company has taken swift action to mitigate the damage, blocking the unauthorized access route, strengthening internal monitoring, and retaining experts from a leading independent security firm. The investigation has also found no evidence that consumer data from Coupang’s Taiwan operations or its food delivery service in Japan, Rocket Now, was affected in the breach. This is a relief for customers who use these services, but the incident still raises concerns about the security of personal data in the e-commerce industry.
The breach is the latest in a string of cybersecurity incidents to hit South Korea this year, and it is not the first time Coupang has suffered a data breach. The company has experienced several incidents in previous years, including leaks between 2020 and 2021, and most recently in December 2023, when its seller management system compromised the personal information of over 22,000 customers. This history of breaches highlights the need for e-commerce companies to prioritize cybersecurity and protect customer data.
The investigation into the breach is ongoing, and police have reportedly identified at least one suspect, a former Chinese employee of Coupang who is now abroad. The company’s swift response to the incident and its cooperation with authorities are crucial in minimizing the damage and preventing similar breaches in the future. As the e-commerce industry continues to grow, companies must invest in robust cybersecurity measures to safeguard customer data and maintain trust.
The incident serves as a reminder of the importance of data protection and the need for companies to be proactive in preventing cyber threats. With the increasing frequency and sophistication of cyberattacks, e-commerce companies must stay vigilant and prioritize the security of customer data. The consequences of a data breach can be severe, including financial losses, reputational damage, and legal repercussions. As such, companies must take a proactive approach to cybersecurity, investing in robust security measures and regularly monitoring their systems for potential vulnerabilities.
In conclusion, the data breach at Coupang is a wake-up call for the e-commerce industry to prioritize cybersecurity and protect customer data. The incident highlights the need for companies to be proactive in preventing cyber threats and to invest in robust security measures to safeguard customer information. As the investigation into the breach continues, it is essential for companies to learn from the incident and take steps to prevent similar breaches in the future. By prioritizing cybersecurity, e-commerce companies can maintain customer trust and ensure the continued growth and success of the industry.
No Comments