NewForTech

Home » Latest » Security » South Korean e-commerce giant Coupang has suffered a major data breach

South Korean e-commerce giant Coupang has suffered a major data breach

0 hits

South Korean e-commerce giant Coupang has suffered a major data breach
2 minutes

Written by

Tech Insider (NewForTech Editorial Team)

in

  • The Coupang breach exposed the personal data of 33 million customers, prompting investigations and lawsuits from regulators.
  • The stolen data included names, contacts, addresses and orders; Passwords and payment details are not affected.
  • Attack linked to the former employee’s active account; More than 10,000 people join a class action lawsuit seeking damages

Coupang, considered the largest e-commerce store in South Korea, confirmed that it suffered a devastating cyber attack that caused the company to lose the personally identifiable information (PII) of 33 million customers.

This appears to be one of the biggest data breaches in the company’s (and the country’s) recent history, leading to investigations by the data protection authority, a formal apology from the CEO and a possible class action.

On Sunday, November 30, Coupang CEO Park Dae-joon posted a letter on the company’s website explaining the incident and apologizing. According to the letter, the attack began on June 24, 2025, but was discovered only recently.

I’m sorry, I’m sorry

During the breach, which lasted “until recently,” anonymous threat actors leaked people’s names, email addresses, phone numbers, shipping addresses and specific order information.

While this is more than enough in the event of identity theft or phishing, Dae-joon emphasized that no login details (including customer passwords), payment details or credit card details were stolen.

In the ten-sentence letter, Park Dae-joon apologized three times.

“Coupang will do its best to prevent further damage, in close cooperation with the Ministry of Science and ICT, the Personal Information Protection Commission, the Korea Internet Security Agency, the National Police and other joint public-private investigation teams,” he added.

Meanwhile, Reuters reports that 33 million people have been affected and that a former employee of Chinese descent may be involved. The agency quoted television station JTBC as saying this is the result of an internal investigation. The employee’s account was not closed even after he left the company and was later used in the data breach.

Reuters also said more than 10,000 people have already expressed interest in joining a class action against the retailer, potentially paying $68 per person for their losses.

IN Reuters