Artificial Intelligence & Machine Learning,
Cybercrime,
Fraud Management & Cybercrime
Chinese Developer Linked to Coupang Data Breach Investigation
South Korea’s leading e-commerce platform, Coupang, has reported a substantial data breach that potentially exposed the personal data of 33.7 million customers—a staggering two-thirds of the country’s population—over several months. The breach is believed to have originated from overseas servers beginning June 24 and continuing until late last month.
The data exposed includes names, email addresses, phone numbers, shipping addresses, and some order details, although passwords and payment information were reportedly not compromised. In an official statement, Coupang CEO Park Dae-jun disclosed that the company is currently reviewing its data security protocols and has initiated enhanced cybersecurity measures to prevent future incidents.
The breach was identified following contact from a suspected former employee, who allegedly threatened to disclose stolen customer information unless compensated. Reports suggest the individual is a Chinese national who may have fled the country. During a parliamentary hearing, Park revealed that this individual was employed as a developer responsible for user verification systems, raising questions about potential insider threats.
The South Korean government, alarmed by the extent of the breach, has pledged a thorough investigation. President Lee Jae Myung expressed his concern over the breach’s duration, highlighting a critical lapse in data security management. The Personal Information Protection Commission of South Korea has already received multiple breach notifications from Coupang and has initiated a comprehensive inquiry into the incident, focusing on security safeguards such as access controls and encryption practices.
Initially, Coupang reported that 4,500 customers were affected, but this figure drastically increased after further investigation. Regulatory bodies are prepared to impose significant penalties if any security shortcomings are identified. In the wake of the breach, a warning was issued to Coupang customers regarding potential phishing attacks leveraging the compromised data.
Coupang, often referred to as the “Amazon of South Korea,” recorded over 24.7 million active customers as of June 30, 2025, an increase of 10% year-on-year. However, reflecting the fallout from the incident, Coupang’s stock dropped by 7% following the breach revelation. Analysts remain cautiously optimistic regarding long-term customer retention, attributing Coupang’s resilient market position to its robust service offerings.
This breach represents a serious challenge not only for Coupang but also reflects broader vulnerabilities within South Korea’s critical digital commerce infrastructure. In recent months, significant breaches have targeted other major entities, including South Korean Telecom and Upbit, the nation’s largest cryptocurrency exchange, underscoring an urgent need for enhanced cybersecurity measures across industries.
As investigations move forward, Coupang faces growing scrutiny from both regulators and the public, with implications that may challenge the company’s standing in a competitive market. This incident serves as a stark reminder of the evolving threats in cybersecurity, emphasizing the need for vigilance, robust security frameworks, and the implementation of best practices, as outlined by the MITRE ATT&CK Matrix.
With reporting by Prajeet Nair in Bengaluru, India.
