Coupang, Korea’s leading e-commerce platform – often compared to Amazon.com – has disclosed a major data breach. This breach has you—and the private data of about 4,500 customer accounts—wide open. The company first learned of the unauthorized access on November 18 and quickly reported the incident to law enforcement and other authorities.
The sensitive information revealed includes customers’ names, email addresses, phone numbers, shipping addresses, and partial order histories. Coupang states that the breach occurred as far back as June. Not only have they done this, they have further tied it to a server overseas. The breach impacts an eye-popping 33.7 million customer accounts in South Korea. That’s over two-thirds of the country’s nearly 52 million residents!
Coupang has promised their customers that they will not have to do anything today or in the near future. In addition, the company assured that the remaining information about their accounts is safely encrypted. The company is cautioning customers to be on the lookout for scams that could be disguised as Coupang.
According to the Ministry of Science and ICT in South Korea, the government’s telecommunications watchdog, it is still aggressively probing the breach. A former Coupang employee who lived in China is suspected in the unauthorized access. This latest development injects new complexity into the continuing investigation. The Ministry further reinforced the urgency of the situation by reiterating their plan to bring in an expedited inquiry.
“As the breach involves the contact details and addresses of a large number of citizens, the Commission plans to conduct a swift investigation and impose strict sanctions if it finds a violation of the duty to implement safety measures under the Protection Act.” – South Korea’s Ministry of Science and ICT
Coupang boasts about 25 million active users expanding its user base in a rapidly growing consumer economy. The group is currently assessing the extent of the breach and reviewing any potential breaches of data protection law. This breach represents yet another data breach affecting big South Korean corporations this year. Third, it does a great disservice to raise serious concerns about cybersecurity in the region.