A massive data breach at e-commerce giant Coupang exposed personal information of 33.7 million customers, undetected since June. The compromised data includes names, phone numbers, email addresses, and delivery addresses, though payment details remain secure. Customers are voicing serious concerns over potential misuse of the information.
Coupang confirmed on November 29 that personal information from 33.7 million customer accounts was exposed, far exceeding the initially reported 4,500 accounts and affecting nearly its entire user base. The breach began with unauthorized access to delivery-related data via overseas servers since June 24.
The company first detected the incident on November 18 and notified authorities within two days. Initially, it reported only about 4,500 customers affected, but the scope expanded upon further investigation. Police launched a probe after a complaint on Tuesday, identifying a former Chinese employee as a suspect who has since left the company and the country, according to informed sources.
Coupang is conducting a joint investigation with security experts, cooperating with law enforcement, blocking the access route, and strengthening internal monitoring. The firm apologized and advised customers to beware of impersonating calls or messages. This breach surpasses April's SK Telecom leak impacting 23.2 million users, which drew a record fine of 134.8 billion won. Concerns linger that the damage could grow, as in the recent Lotte Card case where initial denials were retracted.
With 24.7 million active users in its Product Commerce division during the third quarter, nearly all customers may be affected. Users are expressing anxiety over potential information misuse as the investigation continues.