34 Million Customers Affected in Korea Breach
South Korea's largest online retailer, Coupang, has apologized for a major data breach involving approximately 34 million local customer accounts.
South Korea's largest online retailer, Coupang, has apologized for a major data breach involving approximately 34 million local customer accounts.
The country's Internet Authority said it is investigating the breach and that details of millions of accounts may have been exposed.
The e-commerce platform is often described as South Korea's equivalent of Amazon.com. The breach is the latest in a series of data leaks at major companies in the country, including its telecommunications company, SK Telecom.
Coupang said it learned of unauthorized access to personal data of approximately 4,500 customer accounts on November 18 and immediately reported it to authorities.
But a subsequent investigation found that approximately 33.7 million customer accounts—all in South Korea—may have been exposed, Coupang said, adding that the breach is believed to have originated as early as June from a server located overseas.
Coupang stated that the exposed data is limited to names, email addresses, phone numbers, shipping addresses, and some order history.
No credit card information or login credentials were leaked. The firm further stated that those details are safe and Coupang users do not need to take any action at this time.
The number of accounts affected by this incident represents more than half of South Korea's population of approximately 52 million.
Coupang, which originated in South Korea and is headquartered in the US, recently stated that it has approximately 25 million active users.
Coupang apologized to its customers and warned them to be alert to scams impersonating the company.
The firm did not provide details about who was behind the breach.
South Korean media outlets reported on Sunday that a former Coupang employee in China is suspected of being behind the breach.
South Korea's Science and ICT Ministry said in a statement that officials are assessing the scale of the breach and whether Coupang violated any data protection safety regulations.
"Because this breach involves contact details and addresses of a large number of citizens, the Commission plans to conduct a swift investigation and impose strict sanctions if it finds a violation of its obligation to implement security measures under the Data Protection Act."
Coupang has suffered several cybersecurity breaches in recent years, including one incident in which the data of 460,000 customers was exposed.
Major South Korean organizations have strongly criticized this new breach.
The editorial board of the local newspaper Chosun Ilbo called the incident "absurd" and called for strict sanctions against the firms responsible for the leak of its customer data.
Another local media outlet, Dong-A Ilbo, said the breach was the "worst personal data leak" in Korea's history.
The media outlet questioned how long the incident went unnoticed, saying it "imply[ed] their internal data protection systems were inadequate."
The breach is the latest in a series of cybersecurity incidents affecting major South Korean companies this year, despite the country's reputation for strict data privacy regulations.
SK Telecom, South Korea's largest mobile operator, was fined nearly $100 million (£76 million) for a data breach involving more than 20 million subscribers.
In September, Lotte Card also said data on approximately three million customers had been leaked following a cyberattack on its credit card firm.
What's Your Reaction?
Like
0
Dislike
0
Love
0
Funny
0
Angry
0
Sad
0
Wow
0
