Coupang Data Breach Exposes Extensive Customer Information
South Korea’s prominent e-commerce retailer Coupang has faced a significant data breach, potentially impacting approximately 34 million customer accounts. The breach was first reported on November 18, when Coupang recognized unauthorized access to personal data affecting roughly 4,500 accounts. However, further investigation revealed that data from approximately 33.7 million accounts may have been compromised.
Coupang Data Breach Details
The compromised data includes:
- Name
- Email address
- Phone number
- Shipping address
- Order history
Fortunately, sensitive information such as credit card details and login credentials remained secure. Coupang reassured its users that no immediate actions are necessary on their part.
Background of the Incident
Coupang’s investigation indicated that the breach might have started as early as June. The unauthorized access originated through a server located overseas. This incident raises concerns as it affects more than half of South Korea’s estimated population of 52 million.
Founded in South Korea and currently headquartered in the United States, Coupang claims nearly 25 million active users. The company has publicly apologized for the breach and is urging customers to remain vigilant against scams that may impersonate the firm.
Authorities and Investigations
The South Korean internet authority is actively investigating the breach to determine if Coupang violated any data protection regulations. The Ministry of Science and ICT announced plans to scrutinize the scale of the breach and ensure compliance with safety measures dictated by the Protection Act.
Local media reports have suggested a former Coupang employee from China may be linked to the breach. Significant backlash against Coupang has surfaced, with major South Korean publications criticizing the company’s handling of customer data security. The Chosun Ilbo described the breach as “preposterous,” while the Dong-A Ilbo dubbed it the “worst personal data leak” in the nation’s history.
Recent Cybersecurity Incidents
This incident adds to a troubling trend of cybersecurity breaches affecting major South Korean companies. Earlier this year, SK Telecom incurred fines of nearly $100 million following a breach that compromised over 20 million subscriber accounts. Additionally, a cyber-attack on Lotte Card resulted in the exposure of data from nearly three million customers.
The landscape of data protection in South Korea, despite stringent privacy rules, is being called into question as incidents of this nature continue to occur. With the increasing reliance on digital platforms, the importance of robust cybersecurity measures remains paramount for businesses like Coupang.
