Excerpt from Korea JoongAng Daily Article, Published on December 1, 2025
South Korea’s leading e-commerce company, coupang, is under intense national scrutiny after confirming a massive data breach that exposed sensitive customer information. The incident, which affected more than 33.7 million users, has triggered debates about the strength of cybersecurity frameworks and national certification standards. Moreover, the scale of the breach has raised doubts about how such an intrusion went undetected for months.
According to early reports, the leaked data includes names, email addresses, phone numbers, and delivery details. However, passwords and payment information were not compromised. Even so, security experts warn that this type of personal data is extremely valuable to hackers. As a result, millions of customers may now face phishing attempts and identity – related fraud.
Authorities believe the breach may have been carried out by a former employee who allegedly collected data for nearly five months. This development raises serious concerns about access controls within coupang. Additionally, it highlights the urgent need for companies to enforce continuous monitoring and strict permission policies. Coupang had previously secured ISMS – P — the government – approved data security certification — multiple times. Yet, this incident has revived questions about the effectiveness of national standards. Therefore, many industry leaders are calling for stronger audits and more rigorous enforcement of compliance frameworks.
This breach is one of the largest in Korea’s digital commerce history. Furthermore, it comes at a time when coupang was already dealing with public scrutiny over workplace issues. Consequently, the company must now demonstrate real commitment to data protection and rebuild consumer trust. Strengthened internal systems, transparent reporting, and corrective measures will be critical moving forward.
To delve deeper into the topic, Visit Korea JoongAng.
