Coupang and the Horrible, No Good, Very Bad Data Breach

Seoul Accuses E-Commerce Giant of 'Self-Investigation,' Impeding Government Probe Mathew J. Schwartz (euroinfosec) • January 16, 2026

Attempts by South Korean e-commerce giant Coupang to get ahead of a reputation-damaging data breach, apparently instigated by a rogue former employee who fled to China, are not going well.

See Also: On-Demand | NYDFS MFA Compliance: Real-World Solutions for Financial Institutions

In the weeks since the Korean peninsula's largest online retailer in late November warned current and former customers that a months-long incident led to the exposure of personal data pertaining to 33.7 million individuals, Coupang has managed to provoke a rebuke from government regulators, earn the ire of consumer advocates and draw sharp questions from Seoul lawmakers. The breach swept up names, addresses, emails and phone numbers. In a country of 52 million people, the breach affected nearly every adult.

The metastasizing incident has even caught the ...