South Korean ecommerce giant Coupang suffers huge data breach - over 33 million accounts affected, here's what we know

1. Pro
2. Security

South Korean ecommerce giant Coupang suffers huge data breach - over 33 million accounts affected, here's what we know News By Sead Fadilpašić published 1 December 2025

Coupang customers are considering a class-action lawsuit

Comments (0) ()

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

(Image credit: Adobe)

• Coupang breach exposed PII of 33 million customers, sparking watchdog inquiries and lawsuits
• Data stolen includes names, contacts, addresses, and orders; passwords and payment info unaffected
• Attack linked to ex-employee’s active account; 10,000+ join class-action seeking compensation

Coupang, widely considered to be the biggest ecommerce store in South Korea, has confirmed suffered a devastating cyberattack in which it lost personally identifiable information (PII) on 33 million customers.

This appears to be one of the biggest data breaches in the company’s (and the country’s) recent history, sparking data watchdog inquiries, an official apology from the CEO, and a possible class-action lawsuit.

On Sunday, November 30, Coupang CEO Park Dae-joon published a letter on the company’s website, explaining what had happened, and apologizing for the incident. As per the letter, the attack started on June 24, 2025, but was only recently spotted.

You may like

• Sensitive customer info exposed in Mango data breach - here's what we know
• Massive database containing identity info on 252 million people leaked online - here's what we know
• Nearly 180k records exposed in billing platform breach - here’s what we know

Apologies, apologies

During the intrusion, which lasted “until recently”, the unnamed threat actors exfiltrated people’s names, emails, phone numbers, shipping addresses, and specific order information.

While this is more than enough for identity theft, or phishing, Dae-joon stressed that login account information (including customer passwords), payment information, or credit card information, was not stolen.

In the letter, which is roughly ten sentences long, Park Dae-joon apologized three times.

“Coupang will do its best to prevent further damage in close cooperation with the Ministry of Science and ICT, the Personal Information Protection Commission, the Korea Internet & Security Agency, the National Police Agency, and other public-private joint investigation teams,” he added.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

At the same time, Reuters reports that 33 million people are affected, and that this may have been the work of a former employee of Chinese origin. The agency cited broadcaster JTBC, and said that this was the result of an internal investigation. Allegedly, the employee’s account was not terminated even after they left the company, and was later used for data exfiltration.

Reuters also said that more than 10,000 people have already expressed interest in joining a class-action lawsuit against the retailer, which could see them paid $68 per person for their loss.

Via Reuters

The best antivirus for all budgetsOur top picks, based on real-world testing and comparisons

➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead FadilpašićSocial Links Navigation

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Logout Read more Sensitive customer info exposed in Mango data breach - here's what we know    Massive database containing identity info on 252 million people leaked online - here's what we know    Nearly 180k records exposed in billing platform breach - here’s what we know    Over 120 million Reputation.com records might have leaked online - here's what we know    DoorDash confirms serious data breach - customer names, addresses, emails are more all leaked, here's what we know    Conduent admits its data breach may have affected around 10 million people    Latest in Security Android malware Albiriox abuses 400+ financial apps in on-device fraud and screen manipulation attacks    Security researcher uncovers 17,000 secrets in public GitLab repositories    Millions of footballers see info leaked after French Football Federation suffers data breach    Tor adds another layer to the onion with a new relay encryption algorithm - boosting resilience and security across the board    Take extra care shopping for Black Friday deals - experts find thousands of fake websites looking to steal your details    Microsoft Teams guest access could let hackers bypass some critical security protections    Latest in News Shopify is down – here's what we know about its Cyber Monday outage    GTA 6 leak supposedly from former Rockstar animator drops new content clues    Windows 11 File Explorer fudge works, I just wish it was fixed properly    Brace yourself, ChatGPT fans – your conversations could get ads soon    South Korean ecommerce giant Coupang suffers huge data breach - over 33 million accounts affected, here's what we know    OnePlus 15R confirmed to get Snapdragon 8 Gen 5 chipset, 165Hz display, and more    LATEST ARTICLES

1. 1I broke up with Wix for this website builder - and right now you can get up to 88% off it
2. 2AWS re:Invent 2025 - all the news and updates as it happens
3. 3These Netflix VPNs are still on sale – don't miss out on big Cyber Monday savings
4. 4Shopify is down – here's what we know about its Cyber Monday outage
5. 5Android malware Albiriox abuses 400+ financial apps in on-device fraud and screen manipulation attacks