South Korean e\u2011commerce giant Coupang has disclosed a massive data breach that exposed personal information from approximately 33.7 million customer accounts, making it one of the largest cyber incidents in the country\u2019s history.
\u200bThe exposed data includes names, email addresses, phone numbers, postal or shipping addresses, and order histories, with some reports noting leak of delivery entrance codes, raising concerns about both digital and physical security risks for customers. Coupang has stated that payment card data, bank information, and account passwords were not accessed, which may limit direct financial fraud but still leaves users vulnerable to targeted phishing and social\u2011engineering attacks. Investigators are examining indications that a former employee abused long\u2011valid cryptographic keys or tokens linked to Coupang\u2019s authentication systems, allowing creation of fraudulent access tokens that bypassed normal security controls from abroad. South Korean regulators and police have launched a joint investigation, and the incident has triggered intense public backlash, potential regulatory sanctions, and growing legal action against the company and its leadership.<\/p>\n\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
South Korean e\u2011commerce giant Coupang has disclosed a massive data breach that exposed personal information from approximately 33.7 million customer accounts, making it one of the largest cyber incidents in the country\u2019s history. \u200bThe exposed data includes names, email addresses, phone numbers, postal or shipping addresses, and order histories, with some reports noting leak of delivery entrance codes, raising concerns [\u2026]<\/span><\/p>\n","protected":false},"author":1,"featured_media":8972,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[220,225,6,10,5,7,8],"tags":[],"class_list":["post-9047","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-government-advisory","category-heavy-industry","category-latest_news","category-latest_vulnerabilities","category-ce_listen","category-by_country","category-industry_sector"],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/cyberenso.jp\/wp-content\/uploads\/2025\/09\/093024_data_breach.jpg?fit=1200%2C800&ssl=1","_links":{"self":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/9047"}],"collection":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/comments?post=9047"}],"version-history":[{"count":1,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/9047\/revisions"}],"predecessor-version":[{"id":9048,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/9047\/revisions\/9048"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media\/8972"}],"wp:attachment":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media?parent=9047"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/categories?post=9047"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/tags?post=9047"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}