South Korean e-commerce platform Coupang over the weekend mentioned practically 34 million Korean clients’ private info had been leaked in an information breach that had been ongoing for greater than 5 months.
The corporate mentioned it first detected the unauthorized publicity of 4,500 person accounts on November 18, however a subsequent investigation revealed that the breach had truly compromised about 33.7 million buyer accounts in South Korea.
The breach affected clients’ names, e mail addresses, telephone numbers, delivery addresses and sure order histories, per Coupang. Extra delicate knowledge like cost info, bank card numbers, and login credentials was not compromised and stays safe, the corporate mentioned.
Coupang mentioned it has reported the incident to the Korea Web Safety Company (KISA), the Private Info Safety Fee (PIPC), and the Nationwide Police Company.
Considered one of South Korea’s greatest e-commerce platforms, Coupang additionally provides a quick-commerce service known as “Rocket Supply” within the nation, and in addition operates its market in Japan and Taiwan. A Coupang spokesperson instructed TechCrunch that the investigation has discovered no proof that shopper knowledge from Coupang Taiwan or Rocket Now was affected within the knowledge breach.
“In line with the investigation to this point, it’s believed that unauthorized entry to non-public info started on June 24, 2025, through abroad servers,” the corporate mentioned. “Coupang blocked the unauthorized entry route, strengthened inner monitoring, and retained consultants from a number one impartial safety agency.”
Police have reportedly recognized at the least one suspect, a former Chinese language Coupang worker now overseas, after launching an investigation following a November 18 criticism.
Techcrunch occasion
San Francisco
|
October 13-15, 2026
That is the most recent in a string of cybersecurity incidents in South Korea this yr. Coupang itself has suffered a number of knowledge breaches which have exposed customer and delivery drivers’ information in earlier years. Previous incidents included leaks between 2020 and 2021, and most lately in December 2023, when its vendor administration system compromised the private info of greater than 22,000 clients.
