These days, a new data leak in Korea is causing controversy, this time affecting one of the biggest (or the biggest) e-commerce platforms in South Korea, Coupang. For those who don’t know, Amazon is not available in South Korea, and most people use Coupang, which offers similar functionality. Additionally, Coupang has its own division for food delivery services, called Coupang Eats. Let’s talk about this leak.

What happened?
According to Coupang and recent reports, the leak started on June 24th and lasted until November 8th, and it affected almost 34 million accounts. Names, email addresses, phone numbers, shipping addresses, and some order history have been leaked. Initially, Coupang reported that only 4500 accounts were affected, but after further investigation, Coupang stated the following:
“As we review all log data from July last year to November this year, we have confirmed that private data from more than 30 million accounts was leaked,” Second Vice Science Minister Ryu Je-myung said during a parliamentary session. “The attack was carried out from June 24 to Nov. 8.”
According to JTBC, Coupang suspects that a Chinese employee was involved in this leak, which was related to authentication systems. It is reported that a former employee used his credentials to access customers’ information: even though the contract was terminated, the credentials were not removed, which seems to be a clear mistake in Coupang’s security policies.
What are the consequences of this leak?
This leak is a huge one, as most Korean households have a Coupang account, and the estimated number of affected users is 34 million out of a total South Korean population of 50 million. However, this is not the first big leak of 2025; earlier this year, another massive leak affected millions of users at KT. Therefore, many users are not that concerned about their data being leaked, at least as long as their payment data is not affected. Also, Coupang has a very strong leadership position in e-commerce, so the impact on its sales will probably not be too big.
However, it seems that the government is starting to push for more and stronger punishments for companies that suffer data leaks repeatedly, as it could be considered that they are not doing enough to prevent them.
Also, this Monday, around 10,000 internet users are willing to start a collective lawsuit against Coupang, and they are asking for 100,000 won per affected user (around 60 euros), which is not that much in my opinion. Because of this, Coupang’s stock went down.
What could Coupang do to prevent future leaks?
In my opinion, this happened because the IT policy at Coupang, and at many companies, is not good enough. If the assumptions revealed in the investigation are correct, it should not be possible for someone to access the company’s servers using the credentials of a former employee. In a company of this size and relevance, there should be a department that voids former employees’ credentials to prevent them from being used again. Also, the number of queries should be limited for all employees, as I am sure that no employee needs access to that amount of information every day. I am not sure how the leak was carried out, as I am not an expert in this field, but it shouldn’t be possible to copy and paste (or export) the information outside of the company platform. But once again, I guess the method wouldn’t be that simple.
Anyway, the multiple massive data breaches that have happened this year seem to suggest that South Korean companies are not taking the importance of a strong cybersecurity system seriously enough. The sensitive data should be encrypted; if it is not, the employees should be forced to update their passwords every few weeks and use password managers if required. And obviously, the same day that anyone leaves the company, their credentials should be voided immediately. This is the responsibility of the management, and due to the huge impact that it could have on a country that, technically, is still at war, the company should take action and force all businesses to have much stronger cybersecurity policies. And of course, send the person responsible for not taking the necessary actions to jail.
What to do if you have been affected.
Well, first, don’t panic, as your data has probably already been leaked in one of the multiple breaches that have affected the country recently. But in my opinion, I would do this to prevent being affected by future leaks:
- Use unique, safe passwords for every site. Do not use the same password for all websites; this is becoming more and more dangerous. You can use a password manager for that.
- Try to use an email alias service. This kind of service allows you to create “fake” email addresses that redirect the emails to your real inbox. In my case, I use SimpleLogin, but I am sure that there are alternatives to that. This has 3 effects:
  - You can replace the leaked email with a new one, and just remove the old one.
  - This way you can disable the leaked email address, stay safe from the leak, and prevent future spammers or scammers from contacting you.
  - You can filter who is writing to this email. Imagine that you receive an email that pretends to be from the bank, but you see that it is coming to the address that you gave to Coupang, and no one else should have this address. You can confirm that it has been leaked and know who leaked your email.
- If it is possible, try to update the password and email address regularly (maybe every year or every 6 months). I know, this is annoying, but it could be good if you’re very concerned about your safety.
- Be very careful with the emails and phone calls that you receive; they could be email phishing or voice phishing. If someone pushes you to do anything, don’t rush, and try to confirm the identity of the caller. This kind of scam will become more common, so you need to be cautious.
Anyway, take into consideration that you can log in to Coupang using only an SMS to your phone, and as the phone number has been leaked, it could be possible to log in if your SIM card has been copied.

