Coupang Offers NT$200 Million in Compensation After Data Breach Affecting 200,000 Taiwanese Users
South Korean e-commerce giant Coupang Inc. will compensate over 200,000 Taiwanese customers following a November 2023 data breach that exposed personal information. Starting March 8, eligible users can claim a NT$1,000 (US$32) gift voucher via the Coupang app, a dedicated website, or customer service.
The breach stemmed from a former employee who accessed customer data from the company’s systems. While Coupang initially stated there was no evidence of Taiwanese users being affected, cybersecurity firm Mandiant later confirmed that 200,000 Taiwanese accounts had their data exposed, including names, emails, phone numbers, and delivery addresses. However, sensitive details such as credit card numbers, passwords, and national ID numbers were not compromised.
In South Korea, Coupang issued 50,000 won (US$34.91) vouchers to 33.7 million account holders as part of a similar compensation program. The company reported that only one Taiwanese customer’s data was stored locally, with the rest belonging to South Korean users.
Coupang has recovered all devices used by the former employee and conducted a full forensic analysis. While there is no evidence of data being sold or misused, the company has updated its systems to prevent future leaks. Investigations remain ongoing.
Source: https://www.taipeitimes.com/News/taiwan/archives/2026/02/25/2003852871
Coupang Inc. TPRM report: https://www.rankiteo.com/company/coupang
"id": "cou1772001384",
"linkid": "coupang",
"type": "Breach",
"date": "11/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '200,000 (Taiwanese users)',
'industry': 'Retail',
'location': 'South Korea',
'name': 'Coupang Inc.',
'type': 'E-commerce'}],
'attack_vector': 'Insider Threat',
'customer_advisories': 'Compensation program details shared via app, website, '
'and customer service',
'data_breach': {'data_exfiltration': 'No evidence of data being sold or '
'misused',
'number_of_records_exposed': '200,000',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'Low to Moderate (no credit card '
'numbers, passwords, or national ID '
'numbers)',
'type_of_data_compromised': ['Names',
'Emails',
'Phone numbers',
'Delivery addresses']},
'date_detected': '2023-11',
'description': 'South Korean e-commerce giant Coupang Inc. will compensate '
'over 200,000 Taiwanese customers following a November 2023 '
'data breach that exposed personal information. The breach '
'stemmed from a former employee who accessed customer data '
'from the company’s systems. Exposed data included names, '
'emails, phone numbers, and delivery addresses, but sensitive '
'details such as credit card numbers, passwords, and national '
'ID numbers were not compromised.',
'impact': {'brand_reputation_impact': 'Yes',
'data_compromised': 'Personal information (names, emails, phone '
'numbers, delivery addresses)',
'financial_loss': 'NT$200 million (compensation)',
'identity_theft_risk': 'Potential',
'payment_information_risk': 'No'},
'initial_access_broker': {'data_sold_on_dark_web': 'No evidence'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'corrective_actions': 'Updated systems to prevent '
'future leaks',
'root_causes': 'Former employee accessed customer '
'data'},
'references': [{'source': 'News Article'}],
'response': {'communication_strategy': 'Compensation program announced via '
'app, website, and customer service',
'containment_measures': 'Recovered all devices used by the '
'former employee',
'recovery_measures': 'Full forensic analysis conducted',
'remediation_measures': 'Updated systems to prevent future leaks',
'third_party_assistance': 'Mandiant (cybersecurity firm)'},
'threat_actor': 'Former Employee',
'title': 'Coupang Data Breach Affecting 200,000 Taiwanese Users',
'type': 'Data Breach'}