CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Data Breaches

Personal Information of 33.7 Million Stolen From Coupang

Names, addresses, email addresses, and phone numbers were compromised in a five-month-long data breach. The post Personal Information of 33.7 Million Stolen From Coupang appeared first on SecurityWeek.

Coupang data breach

US-listed ecommerce giant Coupang (NYSE: CPNG), one of South Korea’s largest online retailers, has disclosed a five-month-long data breach involving the personal information of 33.7 million customers in Korea.

The incident, the company says, came to light on November 18, when it “became aware of unauthorized personal data access” to roughly 4,500 customer accounts.

“Subsequent investigation has revealed that the extent of customer account exposure is about 33.7 million accounts, all in Korea,” a Coupang spokesperson told SecurityWeek.

The company has revealed that a threat actor gained access to customers’ personal information on June 24, 2025, “via overseas servers”.

Coupang says it immediately blocked the unauthorized access, improved internal monitoring, and notified the relevant authorities in Korea, including the Ministry of Science and ICT, the Personal Information Protection Commission, the Korea Internet Security Agency, and the National Police Agency.

During the five-month window, the threat actors accessed customer names, email addresses, shipping addresses, phone numbers, and order history.

“No payment details, credit card numbers, or login credentials were exposed so no account action is required from Coupang users at this time,” the company said.

In an incident notice on its website, the company said it would notify all affected individuals via email or text message.

“Protecting all customer information is Coupang’s top priority. Coupang takes this obligation very seriously and maintains comprehensive data protection and security measures and processes,” Coupang CEO Park Dae-Joon said in an apology message.

What the company did not say was who was responsible for the data breach or how the intruders gained access to its systems.

According to Yonhap News Agency, a former Coupang employee is the main suspect in the investigation. The individual, a Chinese national, has reportedly left the country.

While it is mainly known in South Korea, Coupang is a technology and Fortune 150 company incorporated in Delaware that operates in 190 countries and territories globally.

Related: Asahi Data Breach Impacts 2 Million Individuals

Related: Spanish Airline Iberia Notifies Customers of Data Breach

Related: 146,000 Impacted by Delta Dental of Virginia Data Breach

Related: Alumni, Student, and Staff Information Stolen From Harvard University

Latest News

CYBERNEWSMEDIAPublisher