Audio report: written by reporters, read by AI
Coupang, Korea’s largest e-commerce platform, disclosed a major data leak last week affecting 33.7 million customer accounts. The scale surpasses the breach at SK Telecom, which affected 23.24 million people and resulted in the largest fine ever imposed for violations of personal information protection. It is comparable to the 2011 hacking incident that exposed data from 35 million Cyworld and Nate users.The leaked information includes customer names, email addresses, delivery addresses and phone numbers. Coupang says payment information, credit card numbers and login credentials were not compromised, and that customers need not take separate action. Still, the scale of the breach has left users uneasy. The company had reported only 4,500 affected accounts nine days earlier, a figure that turned out to be 7,500 times smaller than the actual number. Customers are advised to avoid phone calls or messages impersonating Coupang.Unlike past data leaks at telecom companies, which were typically caused by hacking, this case may involve a former employee from China. Investigators suspect he extracted customer data over five months without the company noticing. If true, the incident exposes serious flaws in Coupang’s internal controls and access management. Since 2020, the company has suffered four data breaches and been fined a total of 1.5 billion won ($1.02 million). Each time, it pledged to prevent recurrence, yet the assurances prov
Coupang cybersecurity rating report: https://www.rankiteo.com/company/coupang
"id": "COU1764518078",
"linkid": "coupang",
"type": "Breach",
"date": "12/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'incident': {'affected_entities': [{'customers_affected': '33.7 Million',
'industry': 'Retail / E-commerce',
'location': 'South Korea',
'name': 'Coupang',
'size': 'Large (Korea’s Largest '
'E-commerce Platform)',
'type': 'E-commerce Platform'}],
'attack_vector': ['Insider Threat (Former Employee)',
'Unauthorized Data Extraction'],
'customer_advisories': ['No Immediate Action Required; Monitor '
'for Suspicious Communications'],
'data_breach': {'data_encryption': None,
'data_exfiltration': ['Yes (Over Five Months)'],
'file_types_exposed': None,
'number_of_records_exposed': '33.7 Million',
'personally_identifiable_information': ['Names',
'Email '
'Addresses',
'Delivery '
'Addresses',
'Phone '
'Numbers'],
'sensitivity_of_data': ['Moderate to High (PII '
'but No Payment Data)'],
'type_of_data_compromised': ['Personally '
'Identifiable '
'Information '
'(PII)']},
'description': 'Coupang, Korea’s largest e-commerce platform, '
'disclosed a major data leak affecting 33.7 '
'million customer accounts. The leaked '
'information includes customer names, email '
'addresses, delivery addresses, and phone '
'numbers. Unlike past breaches caused by hacking, '
'this incident may involve a former employee from '
'China who extracted data over five months '
'without detection. The company initially '
'reported only 4,500 affected accounts, later '
'revised to 33.7 million (7,500 times larger). '
'This marks Coupang’s fourth data breach since '
'2020, raising concerns about internal controls '
'and access management.',
'impact': {'brand_reputation_impact': ['Severe Damage Due to '
'Repeated Breaches',
'Loss of Credibility in '
'Data Protection'],
'conversion_rate_impact': None,
'customer_complaints': ['Increased Unease Among '
'Users'],
'data_compromised': ['Customer Names',
'Email Addresses',
'Delivery Addresses',
'Phone Numbers'],
'downtime': None,
'financial_loss': None,
'identity_theft_risk': ['High (Due to PII Exposure)'],
'legal_liabilities': ['Potential Fines (Historical '
'Fines: 1.5 Billion KRW / $1.02 '
'Million)'],
'operational_impact': ['Loss of Customer Trust',
'Reputational Damage'],
'payment_information_risk': ['None (Payment Info and '
'Login Credentials '
'Reportedly '
'Uncompromised)'],
'revenue_loss': None,
'systems_affected': None},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': ['Unconfirmed '
'(Under '
'Investigation)'],
'entry_point': ['Internal Access '
'(Former Employee)'],
'high_value_targets': ['Customer PII '
'Database'],
'reconnaissance_period': ['Five Months '
'(Undetected '
'Data '
'Extraction)']},
'investigation_status': 'Ongoing (Suspected Insider Threat from '
'Former Employee)',
'lessons_learned': ['Need for Stricter Internal Access Controls '
'and Monitoring',
'Importance of Accurate Initial Breach '
'Reporting',
'Risks of Insider Threats and Long-Term Data '
'Exfiltration',
'Reputational Costs of Repeated Breaches'],
'motivation': ['Potentially Financial Gain (Data Theft)',
'Unclear (Under Investigation)'],
'post_incident_analysis': {'corrective_actions': None,
'root_causes': ['Inadequate Internal '
'Controls for Data '
'Access',
'Failure to Detect '
'Prolonged Data '
'Exfiltration',
'Lack of Employee '
'Monitoring '
'Post-Termination',
'Repeated Breaches '
'Indicating Systemic '
'Security '
'Weaknesses']},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'recommendations': ['Implement Robust Insider Threat Detection '
'Systems',
'Enhance Data Access Logging and Anomaly '
'Monitoring',
'Conduct Regular Audits of Employee Access '
'Rights',
'Improve Transparency in Breach Disclosures',
'Strengthen Customer Communication During '
'Incidents'],
'references': [{'date_accessed': None,
'source': 'Audio Report (Reporters, Read by AI)',
'url': None},
{'date_accessed': None,
'source': 'Historical Context: SK Telecom Breach '
'(23.24M Affected) and 2011 '
'Cyworld/Nate Hack (35M Affected)',
'url': None}],
'regulatory_compliance': {'fines_imposed': ['Historical Fines: '
'1.5 Billion KRW '
'($1.02 Million); '
'Potential New Fines '
'Pending'],
'legal_actions': None,
'regulations_violated': ['Personal '
'Information '
'Protection '
'Act (South '
'Korea)'],
'regulatory_notifications': ['Likely '
'(Given '
'Scale '
'and Past '
'Violations)']},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': ['Public Disclosure',
'Customer Notification '
'(No Action Required for '
'Affected Users)'],
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': None,
'law_enforcement_notified': ['Yes (Investigation '
'Ongoing)'],
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': ['Customer Advisory to Avoid '
'Phishing (Impersonation '
'Calls/Messages)'],
'remediation_measures': None,
'third_party_assistance': None},
'stakeholder_advisories': ['Customers Advised to Beware of '
'Phishing (Impersonation Scams)'],
'threat_actor': ['Former Employee (Suspected, from China)'],
'title': 'Coupang Major Data Leak Affecting 33.7 Million '
'Customer Accounts',
'type': ['Data Breach', 'Insider Threat'],
'vulnerability_exploited': ['Poor Internal Access Controls',
'Lack of Monitoring for Unauthorized '
'Data Exfiltration']}}