South Korean e-commerce giant Coupang has issued a revised notice confirming a massive data leak affecting 33.7 million customers—nearly two-thirds of the country’s population. While payment data was reportedly not stolen, exposed information includes names, addresses, and contact details.
Business Impact
This is a catastrophic privacy incident for a market leader. The massive volume of exposed PII creates a long-term risk of targeted phishing and fraud for millions of users. It will likely trigger intense regulatory scrutiny and significant fines under local data protection laws.
Why It Happened
The breach reportedly originated from unauthorized access via overseas servers. Attackers managed to bypass perimeter defenses to access customer databases, highlighting potential gaps in geo-blocking or access monitoring strategies.
Recommended Executive Action
For organizations operating in APAC, review your data residency and cross-border access controls. Ensure that “crown jewel” customer databases have strict anomaly detection alerts for bulk exports, especially to unexpected geographic locations.
Hashtags: #DataBreach #Coupang #Ecommerce #Privacy #SouthKorea #CyberAttack #InfoSec #GDPR