South Korean e-commerce platform Coupang over the weekend stated almost 34 million Korean clients’ private info had been leaked in an information breach that had been ongoing for greater than 5 months.
The corporate stated it first detected the unauthorized publicity of 4,500 consumer accounts on November 18, however a subsequent investigation revealed that the breach had really compromised about 33.7 million buyer accounts in South Korea.
The breach affected clients’ names, electronic mail addresses, cellphone numbers, delivery addresses and sure order histories, per Coupang. Extra delicate information like cost info, bank card numbers, and login credentials was not compromised and stays safe, the corporate stated.
Coupang stated it has reported the incident to the Korea Web Safety Company (KISA), the Private Data Safety Fee (PIPC), and the Nationwide Police Company.
One among South Korea’s greatest e-commerce platforms, Coupang additionally affords a quick-commerce service referred to as “Rocket Supply” within the nation, and likewise operates its market in Japan and Taiwan. A Coupang spokesperson informed TechCrunch that the investigation has discovered no proof that client information from Coupang Taiwan or Rocket Now was affected within the information breach.
“Based on the investigation to this point, it’s believed that unauthorized entry to non-public info started on June 24, 2025, by way of abroad servers,” the corporate stated. “Coupang blocked the unauthorized entry route, strengthened inside monitoring, and retained consultants from a number one unbiased safety agency.”
Police have reportedly recognized not less than one suspect, a former Chinese language Coupang worker now overseas, after launching an investigation following a November 18 grievance.
Techcrunch occasion
San Francisco
|
October 13-15, 2026
That is the most recent in a string of cybersecurity incidents in South Korea this 12 months. Coupang itself has suffered a number of information breaches which have uncovered buyer and supply drivers’ info in earlier years. Previous incidents included leaks between 2020 and 2021, and most not too long ago in December 2023, when its vendor administration system compromised the non-public info of greater than 22,000 clients.
