A South Korean e-commerce platform over the weekend said about 34 million Korean personal information had been leaked in a data breach that has been going on for more than five months.
The company said it first discovered the user exposure of 4,500 user accounts on November 18, but a subsequent investigation revealed that the breach actually compromised around 33.7 million customer accounts in South Korea.
Name of affected Violator, email address, phone number, delivery address and specific order history, in Coupang. Other sensitive data like payment information, credit card numbers, and login credentials are not compromised and remain secure, the company said.
Coupang said it has reported the incident to the Korea Internet Security Agency (KISA), the Protection Information Protection Commission (PIPC), and the national police agency.
One of Korea’s largest e-commerce platforms, Coupang also offers a rapid trade service called “Rocket Shipping” in the country, and also operates markets in Japan and Taiwan. A Coupang spokesperson told Techcrunch that the investigation has not found any consumer data from Coupang Taiwan or Rocket currently affected by the data breach.
“According to the investigation to date, it is believed that unauthorized access to personal information began on June 24, 2025, through an overseas server,” the company said. “Coupang blocks unauthorized access routes, strengthened internal monitoring, and retained experts from independent security companies.”
The police have it reported It identified at least one suspect, a former employee of the Chinese bank now abroad, after launching an investigation into the November 18 complaint.
TechCrunch events
San Francisco
I’m fat
October 13-15, 2026
This is the latest in dodok ring rope in South Korea This year. KustaD itself has suffered several data breaches with its owners Exposed customers and Driver Driver Information in previous years. Past incidents include leaks between 2020 and 2021, and the latest in December 2023when the seller’s management system compromised the personal information of more than 22,000 customers.