What caused the massive data leak at Coupang?

A former Coupang engineer exploited vulnerabilities in the company's user authentication system, using an internal security key to generate fake login tokens and access customer accounts.

How many customer records were affected by the Coupang data breach?

Approximately 33.7 million customer records were compromised during the data leak incident.

What actions are South Korean authorities taking against Coupang?

Authorities are demanding Coupang fix its security systems, are investigating the delayed reporting of the breach, and may impose a fine of up to 30 million won.

Home / Business and Economy / South Korea Demands Coupang Fix Security After 33.7M Customer Data Leak

South Korea Demands Coupang Fix Security After 33.7M Customer Data Leak

10 Feb

•

Summary

A former engineer exploited system vulnerabilities, causing a massive data leak.
Approximately 33.7 million customer records were compromised in the breach.
Authorities accuse Coupang of delayed reporting and inadequate security measures.

South Korea Demands Coupang Fix Security After 33.7M Customer Data Leak

South Korean authorities revealed that e-commerce leader Coupang must address critical security vulnerabilities following a significant data leak. A government probe, announced on Tuesday, February 10, 2026, attributed the breach to a former Coupang engineer who exploited weaknesses in the company's authentication system.

The investigation confirmed that approximately 33.7 million customer records were compromised. The attacker reportedly used an internal security key to generate fake login tokens, gaining unauthorized access to user accounts. This incident, which began in January 2025 and lasted until November, is considered one of South Korea's most severe data breaches.