South Korea’s leadership moved sharply on Tuesday after revelations of a sweeping data breach at e-commerce powerhouse Coupang, a rupture that compromised the personal details of more than 33 million people. President Lee Jae Myung said he was taken aback that the company allowed the intrusion to sit undetected for five months, stressing that the magnitude of the breach demanded an uncompromising response from state authorities.
Coupang, the country’s dominant online marketplace known for its rapid doorstep deliveries, admitted that data siphoning occurred through foreign servers between June 24 and November 8. The company learned of the breach only recently, according to investigators and local reports, which noted that Coupang filed a complaint in November naming a former employee, a Chinese national, as a key suspect.
President Lee instructed his cabinet to toughen penalties, expand fines, and ensure punitive damages are more than symbolic. He argued that the government must produce measures with real bite and ensure full accountability from everyone involved. The first task, he added, was identifying the precise mechanism that allowed the infiltration to succeed.
Read also: South Korea Unveils Hydrogen-Powered Hyundai Rotem’s K3 Tank
Police said on Monday that they were combing through IP addresses and checking for international coordination. They cautioned that the extent of the exposed data could disrupt daily routines and even endanger citizens if exploited maliciously.
Coupang has confirmed that customer names, phone numbers, emails, delivery addresses, and parts of their order histories were exposed. The company insisted that payment information and account passwords were not touched.
The incident arrives months after another major digital setback for the country. In August, mobile carrier SK Telecom was slapped with a 134-billion-won fine after a cyberattack released data tied to nearly 27 million subscribers. South Korea, despite its reputation as one of the world’s most connected societies, remains a frequent target for sophisticated hackers, including groups linked to North Korea.
Authorities have long warned that Pyongyang’s cyber units are evolving. Last year, police reported that North Korean operators infiltrated a South Korean court network for two years, gathering confidential financial records. And in November, officials said they suspected a North Korean group in the attack on crypto exchange Upbit, which led to the illicit drain of 44.5 billion won in digital assets.