Coupang Apologizes After Major Data Breach Impacting 33.7 Million Users – Full Report (30 November 2025)

Coupang Apologizes After Massive Data Breach Affecting Over 33.7 Million Users

South Korea’s leading e-commerce giant Coupang has officially apologized after confirming one of the largest data breaches in the country’s digital history. On 30 November 2025, the company revealed that 33.7 million customer accounts were exposed due to unauthorized access that remained undetected for several months.

According to Coupang, the compromised information includes names, email addresses, phone numbers, delivery addresses, and order history. However, the company assured the public that no credit card details, payment information, or login passwords were leaked.

Initially, the company had reported that only around 4,500 users were affected, but after deeper investigation the figure increased dramatically — covering almost the entire past and present user base of the platform.

The breach reportedly began on 24 June 2025, and the hacker used international servers to access Coupang’s internal customer data systems. As soon as the unauthorized activity was detected, the company shut down the access route, reinforced its monitoring systems, and informed authorities for further investigation.

South Korean regulators and cybersecurity agencies have launched a nationwide inquiry following the revelation. Investigators believe that a former employee of Chinese nationality may have been involved, although the investigation is still ongoing.

Coupang CEO Park Dae-jun issued a public apology, stating that the company takes full responsibility and will implement stronger data security measures to prevent such incidents in the future. He emphasized that restoring customer trust is now the company’s top priority.

Cybersecurity experts warn that although financial data was not leaked, the exposed personal information could still lead to phishing attacks, fraud attempts, spam campaigns, and identity-related cyber crimes. Authorities have urged consumers to remain cautious of suspicious calls, emails, and messages.

This cyberattack has raised serious questions about the state of data security in South Korea’s digital commerce sector. It highlights the urgent need for stronger regulatory oversight, improved cybersecurity frameworks, and transparent corporate responsibility.

The incident represents not only a major setback for Coupang’s credibility but also a lesson for the entire e-commerce industry. Users now demand safer systems, stronger data protection protocols, and accountability in the handling of personal information.