Top South Korean e-commerce firm Coupang apologises over massive data breach
Coupang logo is seen in this illustration taken Feb 11, 2025. (Photo: REUTERS/Dado Ruvic)
SEOUL: South Korea's biggest online retailer, Coupang, apologised on Sunday (Nov 30) over the breach of personal information from 33.7 million customer accounts through unauthorised data access.
"We sincerely apologise once again for causing our customers inconvenience," Park Dae-jun, CEO of the firm dubbed the Amazon.com of South Korea, posted on its website.
The incident is the latest in a series of data leaks at major South Korean companies, including SK Telecom.
The government, which held an emergency meeting on Sunday, is looking into whether Coupang violated safety rules regarding personal information protection, said Minister of Science and ICT Bae Kyung-hoon.
Coupang said on Saturday that it learned of the data breach on Nov 18 and reported it to authorities. It said it was working with law enforcement and regulatory authorities.
The company, whose services are ubiquitous for many Koreans using its "Rocket" fast deliveries, has said it had 24.7 million active commercial users in the third quarter.
Yonhap News Agency reported on Sunday that a Chinese former employee at Coupang was suspected of being behind the breach. Coupang sent a complaint to police this month, and police are investigating, Yonhap said, without citing the sources of its information.
Coupang could not immediately be reached for comment outside business hours.
The breach exposed customers' names, email addresses, phone numbers, shipping addresses and certain order histories but not payment details or login credentials, Coupang said.
The unauthorised access of personal information was believed to have started on Jun 24 through overseas servers, it said.
The government-run Korea Internet & Security Agency issued a public advisory for those affected by the breach, warning them about phishing scams.
