South Korean President Demands Accountability After Coupang Data Breach

South Korea’s President, Lee Jae Myung, has taken decisive action following a significant data breach at e-commerce leader Coupang, which affected over 33 million customers. On November 8, 2023, it was revealed that the company had been unaware of the breach for five months, a situation President Lee described as “astonishing.” The president underscored the “massive” scale of the damage, emphasizing the need for immediate and stringent penalties against those responsible.

The data breach, which involved sensitive customer information, reportedly occurred via overseas servers from June 24 to November 8. Coupang, South Korea’s most popular online shopping platform, did not identify the breach until October, leading to criticism from government officials and the public alike. The company has since filed a complaint against a former employee, a Chinese national, suspected of being involved in the incident.

In response to the breach, President Lee has directed the government to “strengthen fines and make punitive damages a reality.” He called for “substantive and effective countermeasures” to protect consumer data and prevent future incidents. “The cause of the accident must be quickly identified and those responsible must be held strictly accountable,” Lee stated during a press conference.

The police are actively investigating the breach, tracing computer IP addresses and exploring potential international collaboration. Authorities have warned that this leak could “threaten the daily lives and safety of every single citizen.” Information exposed in the breach includes customers’ names, email addresses, phone numbers, shipping addresses, and some order histories. Fortunately, Coupang confirmed that payment details and login credentials were not compromised.

This incident follows another significant data breach earlier this year at SK Telecom, South Korea’s largest mobile carrier, which was fined approximately 134 billion won (around $91 million) after a cyberattack exposed data on nearly 27 million users. Such breaches highlight the ongoing challenges South Korea faces regarding cybersecurity, despite being one of the world’s most digitally connected nations.

Additionally, the country has experienced cyber threats from North Korea, which has been accused of orchestrating hacking campaigns against various South Korean entities. Last year, police revealed that North Korean hackers were responsible for stealing sensitive data from a South Korean court computer network. In a related incident, authorities suspect a North Korean hacking group may have been behind a cyberattack on the cryptocurrency exchange Upbit, resulting in the unauthorized withdrawal of 44.5 billion won in digital assets.

As investigations into the Coupang data breach continue, the South Korean government faces mounting pressure to enhance its cybersecurity measures and ensure that consumer data is adequately protected against future threats.