Public backlash grows as Coupang faces scrutiny over massive data leak

South Korea is facing broader concerns about data governance following Coupang’s confirmation of a breach affecting 33.7 million accounts. Investigators say the leak began months before it was detected, highlighting weak access controls and delayed monitoring across major firms.

Authorities believe a former employee exploited long-valid server tokens and unrevoked permissions to extract customer records. Officials say the scale of the incident underscores persistent gaps in offboarding processes and basic internal safeguards.

Regulators have launched parallel inquiries to assess compliance violations and examine whether structural weaknesses extend beyond a single company. Recent leaks at telecom and financial institutions have raised similar questions about systemic risk.

Public reaction has been intense, with online groups coordinating class-action filings and documenting spikes in spam after the exposure. Many argue that repeated incidents show a more profound corporate reluctance to invest meaningfully in security.

Lawmakers are now signalling plans for more substantial penalties and tighter oversight. Analysts warn that unless companies elevate data protection standards, South Korea will continue to face cascading breaches that damage public trust.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!