Seoul Police Conduct Raids at Coupang HQ Following Major Data Breach

Post by : Raina Nasser

In a significant move, South Korean law enforcement officials have conducted a raid on Coupang’s headquarters in Seoul due to a substantial data breach that reportedly compromised personal information of nearly two-thirds of the nation’s citizens. The police operation, executed on Tuesday, signifies a serious escalation in the government's measures regarding one of this year’s most critical cybersecurity breaches.

Coupang, which stands as South Korea’s leading e-commerce platform, is recognized for its rapid delivery services that encompass a wide array of products including electronics and groceries. Earlier this year, the company acknowledged a data leak impacting approximately 33.7 million customers, where sensitive details such as names, email addresses, phone numbers, shipping addresses, and some order records were exposed. Importantly, the company's payment details and login credentials were not affected.

Describing the raid as a “necessary measure,” the Seoul police emphasized the importance of investigating the data leak thoroughly. A team of seventeen officers from the metropolitan police’s cybercrime division was dispatched to gather evidence at Coupang's headquarters to ensure an extensive investigation unfolds. Government officials have pledged to pursue all leads and hold accountable those found responsible.

The breach reportedly stemmed from Coupang’s overseas servers between June 24 and November 8, only coming to light last month when the company reported the alleged perpetrator, a former employee and citizen of China. The suspect remains unapprehended.

In the wake of these events, President Lee Jae Myung has called for immediate measures to penalize those accountable for the widespread data breach. The presidential office has insisted that Coupang develop a comprehensive plan for compensating the affected users. Chief of staff Kang Hoon-sik reinforced the need for the company to establish clear protocols in the event of financial losses.

This situation has gained international media coverage, particularly as Coupang is now facing a class-action lawsuit in the U.S., where its global headquarters are situated. The development raises serious concerns surrounding cybersecurity in a nation recognized for its extensive digital landscape, which has faced various high-profile cyber attacks in the past.

The Coupang incident follows a notable cyberattack on SK Telecom, South Korea's largest mobile provider, resulting in a hefty fine of 134 billion won (about US$91 million) after hackers breached data of nearly 27 million customers. Additionally, there have been allegations linking North Korean hackers to various cyberattacks, including the theft of sensitive financial information from the national judicial system over a protracted time and unauthorized cryptocurrency withdrawals from Upbit totaling 44.5 billion won.

As investigations progress, South Korean authorities are stressing the need for companies managing large quantities of personal data to enhance security standards and face repercussions for any oversight. The Coupang case may serve as a pivotal point for enforcing stricter cybersecurity regulations moving forward.