South Korea’s e-commerce giant Coupang confirms data breach affecting 33.7 million users – what was compromised

South Korean retail giant Coupang apologised on Sunday, as a data breach exposed the personal details of 33.7 million customers. The government launched the investigation, as the leak raises broader concerns over corporate cybersecurity and potential phishing risks. Here's what is at stake.

Updated1 Dec 2025, 11:51 AM IST

South Korea’s largest online retailer, Coupang, issued a public apology on Sunday after a massive data breach exposed the personal details of 33.7 million customers.(Pixabay)

South Korea’s largest online retailer, Coupang, issued a public apology on Sunday after a massive data breach exposed the personal details of 33.7 million customers, reported Reuters. The company confirmed that unauthorised access to its systems led to the leak of sensitive user information.

What did the Coupang chief say?

Park Dae jun, chief executive of the e-commerce giant often likened to Amazon in South Korea, posted an apology on the firm’s website, expressing regret for the distress caused to customers. He said the company is working closely with police and regulators as investigations continue.

Government launches investigation

Reportedly, the breach has prompted an emergency government meeting, with the Ministry of Science and ICT reviewing whether Coupang violated national data protection rules. Minister Bae Kyung-hoon said officials are assessing the company’s security practices and compliance with personal information safeguards.

View full Image

Coupang revealed that it discovered the breach on 18 November and immediately notified authorities.

(AI-generated graphic)

Details of the Coupang data breach

Coupang revealed that it discovered the breach on 18 November and immediately notified authorities. The retailer said customer names, phone numbers, email addresses, shipping details and parts of order histories were compromised. Payment information and login credentials were not affected.

Also Read | Google denies Gmail data breach after reports of millions of passwords leaked

The unauthorised access is believed to have begun on 24 June and was carried out through overseas servers, according to the company.

Former employee suspected

Local media outlet Yonhap reported that police are investigating a former Chinese employee of Coupang in connection with the incident. The company has reportedly filed a complaint with law enforcement, although no further details have been made public.

Also Read | Salesforce blocks Gainsight tools while it investigates possible data leak

Wider concerns over corporate security

The intrusion adds to a growing list of data leaks affecting major South Korean firms, including telecoms operators. Cybersecurity officials have warned that incidents of this scale highlight persistent vulnerabilities across corporate networks.

The government has urged affected customers to remain alert to phishing attempts and suspicious messages. Officials advised users to monitor accounts carefully and to avoid clicking on unknown links.

(With inputs from Reuters)

Key Takeaways

Data breaches can expose sensitive personal information, necessitating vigilance from users.
Companies must prioritize cybersecurity to protect customer data and avoid legal repercussions.
Government oversight is crucial in enforcing data protection compliance among corporations.

Cybercrimes Cyber Extortion

^{Get Latest real-time updates}

Catch all the Technology News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.

Business News Technology NewsSouth Korea’s e-commerce giant Coupang confirms data breach affecting 33.7 million users – what was compromised

Wait for it…

Oops! Looks like you have exceeded the limit to bookmark the image. Remove some to bookmark this image.