In a significant cybersecurity incident, Coupang, South Korea's dominant e-commerce platform often compared to Amazon, has confirmed a massive data breach that compromised the personal information of a staggering 33.7 million customer accounts.
Timeline and Details of the Security Breach
The company first detected the unauthorized intrusion on November 18. However, upon investigation, it was revealed that the illegal access to customer accounts had actually begun much earlier, starting from June 24. Coupang stated that the hackers executed this breach by routing their activities through overseas servers.
The scale of this incident is immense, affecting nearly the entirety of Coupang's extensive customer base. The company is renowned for its ultra-fast "Rocket" delivery service, which has made it a household name in South Korea.
What Customer Information Was Compromised?
According to the company's official statements, the hackers successfully accessed basic personal data. This exposed information includes:
- Customer names
- Email addresses
- Phone numbers
- Shipping addresses
- Certain order histories
In a crucial piece of reassurance for worried customers, Coupang has emphasized that the highly sensitive financial details remained secure. The company confirmed that payment information, credit card numbers, and user login credentials were not accessed by the unauthorized parties.
Company Response and Precautionary Measures
Coupang has taken swift action in response to this crisis. The access route used by the hackers has been blocked, and the company has strengthened its internal monitoring systems to prevent future incidents.
The e-commerce leader has launched a full-scale investigation in collaboration with cybersecurity experts. They are also working closely with law enforcement agencies and regulatory authorities to address the situation.
In an official communication, Coupang has apologized for the data leak and is urging all its customers to be extremely cautious. They have advised users to be wary of unsolicited phone calls, text messages, or any other communications where someone might be impersonating the company.
This latest security breach is notably larger than the one Coupang reported just days prior on November 20, which involved about 4,500 customers. It also surpasses the major data leak at SK Telecom in April, which affected 23.2 million users and resulted in a record fine of 134.8 billion won.
