South Korea's President has issued a strong directive for immediate punitive measures following a devastating data breach at the country's leading online shopping platform, Coupang. The incident, which compromised the personal information of more than 33 million customers, has triggered a major national security and privacy crisis.
President Lee Condemns "Astonishing" Security Failure
President Lee Jae Myung ordered the government on Tuesday to take swift action against those responsible for the massive cyber incident. He expressed grave concern over the company's delayed response, stating it was "astonishing that the company failed to recognise the breach for five months." The President emphasized that the "scale of the damage is massive" and called for substantive countermeasures.
He specifically instructed authorities to "strengthen fines and make punitive damages a reality" to ensure accountability. "The cause of the accident must be quickly identified and (those responsible) must be held strictly accountable," President Lee asserted, highlighting the government's resolve to tackle corporate negligence in data security.
Details of the Coupang Data Breach
The data leak occurred through overseas servers over a significant period, from June 24 to November 8. Shockingly, Coupang, which is renowned for its lightning-fast deliveries of everything from groceries to electronics, only became aware of the intrusion last month.
According to police and local media reports, the company filed a complaint in November against the alleged perpetrator, identified as a former employee who is a Chinese national. Authorities are actively investigating the breach, tracing computer IP addresses and exploring possibilities for international collaboration in the probe.
Police have warned that the leaked information could "threaten the daily lives and safety of every single citizen." Coupang has notified affected customers that exposed data includes:
- Full names
- Email addresses
- Phone numbers
- Shipping addresses
- Partial order histories
The company has assured users that more sensitive data, such as payment details and login credentials, remained secure and were not accessed in the attack.
A Pattern of Major Cybersecurity Incidents in South Korea
This breach is not an isolated event in one of the world's most digitally connected nations. It follows a similar major incident at South Korea's largest mobile carrier, SK Telecom, which was fined approximately 134 billion won ($91 million) in August. That cyberattack compromised data belonging to nearly 27 million users.
South Korea's advanced digital infrastructure has also made it a prime target for state-sponsored hacking, particularly from arch-rival North Korea. Last year, police confirmed that North Korean hackers were responsible for stealing sensitive data, including personal financial records, from a South Korean court computer network over a two-year period.
Furthermore, just last month, the Yonhap News Agency reported that South Korean authorities suspect a North Korean hacking group may be behind a recent cyberattack on the cryptocurrency exchange Upbit. That attack resulted in the unauthorized withdrawal of 44.5 billion won in digital assets.
The repeated breaches underscore the critical need for enhanced cybersecurity protocols and stricter regulatory oversight in South Korea's corporate sector, a point President Lee Jae Myung is now pushing to address with renewed urgency.
