Ethical Hacking News
Coupang has announced a $1.17 billion compensation package for nearly 34 million customers affected by a data breach, providing purchase vouchers worth approximately $1.2 billion. The incident highlights the need for robust cybersecurity measures and ongoing vigilance in the face of evolving threats.
Coupang has announced a $1.17 billion compensation package for nearly 34 million customers affected by a data breach.The breach exposed personal information, including names, emails, and shipping addresses, but no sensitive information was compromised.The incident highlights the importance of robust cybersecurity measures in the digital age.Coupang's response demonstrates its commitment to customer safety and trust.The breach raises questions about the adequacy of South Korea's cybersecurity laws and regulations.Coupang will provide purchase vouchers worth 1.685 trillion won (approximately $1.17 billion USD) to affected customers.A suspect, a former Chinese Coupang employee, has been identified and notified to relevant authorities.
In a move that can only be described as a remarkable display of corporate responsibility, Coupang, South Korea's leading e-commerce and logistics platform, has announced a staggering $1.17 billion compensation package to address the data breach affecting nearly 34 million customers. The breach, which was first detected in June 2025, exposed personal information including names, emails, phone numbers, shipping addresses, and some order histories, but fortunately, no sensitive information such as payment data or login credentials was compromised.
The breach, which was attributed to unauthorized access via overseas servers, highlights the importance of robust cybersecurity measures in the digital age. Coupang's announcement that it had blocked the unauthorized access route, strengthened internal monitoring, and retained experts from a leading independent security firm is a testament to the company's commitment to customer safety and trust.
The data breach also raises questions about the adequacy of South Korea's cybersecurity laws and regulations. The country's Personal Information Protection Commission (PIPC) was notified of the incident, but it appears that the breach did not impact customer data from Coupang's Taiwan marketplace or Rocket Now, its food delivery service in Japan. This disparity highlights the need for more comprehensive and harmonized cybersecurity standards across industries.
Coupang's decision to provide purchase vouchers worth 1.685 trillion won (approximately $1.17 billion USD) to affected customers is a significant gesture of goodwill and a clear demonstration of the company's commitment to making amends. The vouchers will be made available starting January 15th, 2026, and will be redeemable across Coupang's services.
The incident has also sparked an emergency meeting with key government officials in Seoul, led by Deputy Prime Minister and ICT Minister Bae Kyung-hoon. The police have identified a suspect, a former Chinese Coupang employee who has since left the country, and the company has notified the Securities and Exchange Commission that the individual is the culprit.
Coupang's founder and chairman Kim Bum-seok has also spoken out, stating that all the stolen data was recovered and that the leaker's storage devices had been seized. The company's interim CEO, Harold Rogers, added that the incident will be an opportunity for Coupang to "deeply practice 'customer-centricity' and fulfill its responsibilities to the end, transforming into a company that customers trust."
The breach is part of a series of cybersecurity incidents in South Korea, with Coupang facing multiple security incidents in recent years, including exposures of customer and driver data from 2020-2021 and a December 2023 data breach affecting over 22,000 customers. The incident serves as a reminder of the importance of robust cybersecurity measures and the need for ongoing vigilance in the face of evolving threats.
In conclusion, Coupang's $1.17 billion compensation package is a significant step towards making amends with its affected customers. However, it also highlights the need for more comprehensive and harmonized cybersecurity standards across industries and the importance of continuous investment in cybersecurity measures to prevent such incidents from occurring in the future.
Related Information:
https://www.ethicalhackingnews.com/articles/Coupangs-117-Billion-Data-Breach-Compensation-Package-A-Cautionary-Tale-of-Customer-Centrality-ehn.shtml
https://securityaffairs.com/186331/security/coupang-announces-1-17b-compensation-plan-for-33-7m-data-breach-victims.html
https://www.chosun.com/english/market-money-en/2025/12/08/KXCKOF2BYJEFHJQJDYZI6MQZSE/
https://www.straitstimes.com/asia/east-asia/240000-victims-of-coupang-data-leak-sue-south-korean-company
Published: Tue Dec 30 15:00:15 2025 by llama3.2 3B Q4_K_M
