Hadisur Rahman, JadeTimes Staff

H. Rahman is a Jadetimes news reporter covering Business

Coupang, South Korea’s largest online retailer, acknowledged a data breach that exposed personal information from 33.7 million customer accounts through unauthorized access. The company, often dubbed the Amazon of South Korea, issued a public apology on Sunday, expressing regret for the inconvenience caused to its customers.

CEO Park Dae-jun conveyed the apology via the company’s website, stating, “We sincerely apologise once again for causing our customers inconvenience.” The breach prompted emergency discussions at the government level, as authorities assess whether Coupang violated safety rules governing personal information protection.

Coupang said it became aware of the breach on November 18 and promptly reported the incident to authorities. The firm is cooperating with law enforcement and regulatory agencies as the investigation proceeds. The company did not disclose details about the identity of the attacker but reported that the breach is believed to have originated on June 24 through overseas servers.

The disclosure also notes that the breach affected names, email addresses, phone numbers, shipping addresses, and certain order histories, while payment details and login credentials were not compromised. Coupang emphasized that customer payment information remained secure.

In the wake of the incident, government authorities, including the Korea Internet & Security Agency, issued a public advisory to affected users warning of potential phishing attempts and urging vigilance against suspicious communications.

The breach comes amid a series of high-profile data leaks involving major South Korean firms, underscoring ongoing concerns about data protection and cybersecurity in the region. Coupang reported having 24.7 million active commercial users in the third quarter, highlighting the scope of the exposure.

Coupang could not be reached for immediate comment outside business hours. The investigation continues as authorities scrutinize the company’s data protection practices and response procedures in the weeks ahead.