Korea’s Coupang reports that a data breach has compromised the personal details of almost 34 million users
Massive Data Breach Hits Coupang, Impacting Millions of Users
Coupang, a leading e-commerce company in South Korea, recently disclosed that the personal details of almost 34 million Korean users were compromised in a prolonged data breach lasting over five months.
The issue was initially discovered on November 18, when the company noticed unauthorized access to 4,500 user accounts. However, further investigation uncovered that the breach was far more extensive, ultimately affecting around 33.7 million customer accounts in South Korea.
According to Coupang, the exposed information includes customers’ names, email addresses, phone numbers, shipping details, and certain order records. The company assured that more sensitive data, such as payment details, credit card numbers, and account passwords, were not accessed and remain protected.
Authorities including the Korea Internet Security Agency (KISA), the Personal Information Protection Commission (PIPC), and the National Police Agency have been notified about the incident by Coupang.
As one of the country’s largest online retailers, Coupang is also known for its rapid delivery service, “Rocket Delivery,” and operates in Japan and Taiwan as well. A company representative informed TechCrunch that there is no indication that customer data from Coupang Taiwan or Rocket Now was compromised during this breach.
“Based on the current findings, unauthorized access to user information is believed to have started on June 24, 2025, through servers located overseas,” Coupang stated. “We have since blocked the access point, enhanced our internal security monitoring, and engaged specialists from a top independent cybersecurity firm.”
Reports suggest that police have identified at least one suspect—a former Coupang employee from China who is now overseas—after beginning their investigation in response to the November 18 complaint.
This incident adds to a series of cybersecurity challenges faced by South Korean companies this year. Coupang has previously experienced several breaches, including incidents between 2020 and 2021, and most recently in December 2023, when a seller management system leak exposed the personal data of over 22,000 customers.
