South Korean police probe massive data leak at Coupang

1/12/2025 17:38

South Korean police said on Monday they were tracing IP addresses and looking into possible tech vulnerabilities at Coupang after the e-commerce giant suffered the country's worst data breach in over a decade.



The personal data of more than 33 million customers was leaked in a breach believed to have started on June 24 through overseas servers, though the company did not learn of the problem until November 18.



South Korea's Science Minister Bae Kyung-hoon said on Sunday the perpetrator had "abused authentication vulnerabilities" in Coupang's servers, and that authorities would be investigating whether the company violated rules regarding the protection of personal information.



Coupang, which is backed by Japan's SoftBank Group, has said the breach exposed customers' names, email addresses, phone numbers, shipping addresses and certain order histories, but not payment details or login credentials.



Broadcaster JTBC has reported that after conducting an internal investigation, Coupang suspects that a Chinese former employee, who was responsible for authentication tasks, was a key figure in the data breach.