Outlook Business Desk
South Korea’s top e-commerce platform, Coupang, confirmed a massive data breach affecting nearly 34mn local customer accounts, triggering an investigation by the country’s internet authority.
South Korean authorities are probing the Coupang breach to uncover its origins and full impact, while checking if the e-commerce giant failed to meet strict national data protection regulations.
The company told BBC that on 18 November it discovered unauthorised access to around 4,500 accounts. Later checks revealed that over 33mn customer accounts were likely exposed.
The leaked information includes names, emails, phone numbers, addresses and order histories. Crucially, no credit card information or login credentials were compromised.
The company said the data breach may have begun as early as June through a server located overseas, potentially impacting over half of South Korea’s 52mn residents.
According to South Korean media, a former Coupang employee from China could be responsible for the breach, although the company has not officially identified who carried out the attack.
South Korea’s Ministry of Science and ICT said authorities are investigating the breach’s scale and whether Coupang violated data protection rules, promising strict sanctions if safety obligations under the Protection Act were ignored.
The incident adds to a string of security breaches in South Korea. SK Telecom faced a nearly $100m fine after a leak of 20mn subscriber accounts and Coupang previously exposed 460,000 customers’ data.