Coupang customer data leak exposing 33.7 million records
Data Leak
Summary
Hide ▲
Show ▼
Coupang confirmed a data leak that exposed personal information for 33.7 million customers, creating a broad impersonation and phishing risk. The exposed data included names, email addresses, and phone numbers, while payment information and login credentials were not accessed. The exposure traces back to unauthorized access first detected in June 2025 and later updated on Dec. 1, 2025.
Related Happenings
Personal Information Protection Commission (PIPC) record fine of 624.6 billion won and corrective orders on penalized unlawful handling of personal data safety failures and
Regulatory/Legal Action
H score70
First: 11.06.2026 15:52
Last: 11.06.2026 15:52
Sources 1
How related:
The Personal Information Protection Commission (PIPC), South Korea's data protection regulator, has fined e-commerce giant Coupang a record 624.6 billion won (roughly $409 million) following a massive data breach affecting more than 37 million customers.
About this happening:
South Korea's **PIPC** fined **Coupang** a record **624.6 billion won** after finding breach and data-handling failures tied to a leak affecting **37.55 million people**. The regu...
Personal Information Protection Commission (PIPC) record fine of 624.6 billion won and corrective orders on penalized unlawful handling of personal data safety failures and
Regulatory/Legal ActionHow related: The Personal Information Protection Commission (PIPC), South Korea's data protection regulator, has fined e-commerce giant Coupang a record 624.6 billion won (roughly $409 million) following a massive data breach affecting more than 37 million customers.
About this happening: South Korea's **PIPC** fined **Coupang** a record **624.6 billion won** after finding breach and data-handling failures tied to a leak affecting **37.55 million people**. The regu...
Seoul Metropolitan Police raid on Coupang breach records
Law Enforcement
H score55
First: 26.01.2026 15:00
Last: 26.01.2026 15:00
Sources 1
How related:
the Seoul Metropolitan Police had identified a suspect and was tracking them
About this happening:
**Seoul Metropolitan Police Agency** raided **Coupang’s headquarters in southern Seoul** to search for **internal documents and records related to the breach**, escalating the off...
Seoul Metropolitan Police raid on Coupang breach records
Law EnforcementHow related: the Seoul Metropolitan Police had identified a suspect and was tracking them
About this happening: **Seoul Metropolitan Police Agency** raided **Coupang’s headquarters in southern Seoul** to search for **internal documents and records related to the breach**, escalating the off...
ShinyHunters Salesforce extortion campaign against global companies in 2025
Campaign
H score84
First: 15.01.2026 17:45
Last: 15.01.2026 17:45
Sources 1
About this happening:
The **ShinyHunters** campaign now includes a **Qantas** breach disclosed after the airline found a **June 30, 2025** intrusion in a **third-party platform** used by one customer s...
ShinyHunters Salesforce extortion campaign against global companies in 2025
CampaignAbout this happening: The **ShinyHunters** campaign now includes a **Qantas** breach disclosed after the airline found a **June 30, 2025** intrusion in a **third-party platform** used by one customer s...
Kyowon Group external data leak affecting customer data
Data Leak
H score77
First: 14.01.2026 23:49
Last: 14.01.2026 23:49
Sources 1
About this happening:
**Kyowon Group** confirmed an **external data leak** tied to its **January 2026** ransomware incident, creating a real risk that **customer information** was exposed. The company...
Kyowon Group external data leak affecting customer data
Data LeakAbout this happening: **Kyowon Group** confirmed an **external data leak** tied to its **January 2026** ransomware incident, creating a real risk that **customer information** was exposed. The company...
Askul records leak tied to RansomHouse ransomware attack
Data Leak
H score49
First: 16.12.2025 01:13
Last: 16.12.2025 01:13
Sources 1
About this happening:
The **Askul Corporation** data leak now matters because **RansomHouse** stole about **740,000 records** from the company’s **October** ransomware attack, expanding the blast radiu...
Askul records leak tied to RansomHouse ransomware attack
Data LeakAbout this happening: The **Askul Corporation** data leak now matters because **RansomHouse** stole about **740,000 records** from the company’s **October** ransomware attack, expanding the blast radiu...
Timeline
-
11.06.2026 15:52 1 articles · 28d ago
PIPC fines Coupang $409 million over the customer data breach
Legal Policy Action UpdateSouth Korea's Personal Information Protection Commission fined Coupang a record 624.6 billion won (roughly $409 million) and imposed corrective, announcement, and publication orders after finding that personal information for about 37.55 million people was leaked due to failures in authentication key management and access controls, along with violations of data destruction, leak-notification, and data-protection duties. Coupang Fulfillment Service was also fined for unlawfully collecting, using, and handling customers' personal and sensitive data.
Show sources
- Coupang hit with record $409 million data breach fine in Korea — www.bleepingcomputer.com — 11.06.2026 15:52
-
12.12.2025 20:28 1 articles · 6mo ago
Police tie Coupang leak to former employee
Attribution UpdateSeoul Metropolitan Police Agency linked the Coupang customer data leak to a 43-year-old Chinese national who had worked at Coupang and was assigned to an authentication management system. Investigators said he left the company in 2024 but retained access to internal systems, and they continued gathering logs, access histories, user credentials, and other records from Coupang offices.
Show sources
- Coupang data breach traced to ex-employee who retained system access — www.bleepingcomputer.com — 12.12.2025 20:28
-
01.12.2025 17:45 2 articles · 7mo ago
Coupang customer data leak exposing 33.7 million records
Initial DisclosureIn **June 2025**, Coupang detected **unauthorized access** to delivery-related personal information from an **overseas location**. Early estimates suggested about **4,500 accounts** were affected before the scope was later expanded.
Show sources
- South Korea's Coupang Confirms 34 Million Customer Data Leak — www.infosecurity-magazine.com — 01.12.2025 17:45
- South Korea's Coupang Confirms 34 Million Customer Data Leak — www.infosecurity-magazine.com — 01.12.2025 17:45