Coupang Faces Fallout Over Major Data Breach and CEO Resignation
TL;DR
Coupang Data Breach: 33 Million Users Affected
Coupang has disclosed a significant data breach affecting approximately 33 million customers to US regulators, according to an 8-K report filed with the Securities and Exchange Commission (SEC). The company became aware of the cybersecurity incident involving unauthorized access to customer accounts on November 18.
Upon discovering the incident, Coupang activated its incident-response procedures, blocked the threat actor’s unauthorized access, reported the incident to relevant Korean regulatory and law enforcement authorities, and notified customers whose data may have been accessed.
Leadership Change at Coupang
Park Dae-jun, Coupang's chief executive officer, has resigned following the data breach. Harold Rogers, chief administrative officer for Coupang Inc., has been appointed as interim head.
The company stated that Rogers will focus on addressing customer concerns and stabilizing the company. This leadership change comes less than seven months after a previous restructuring that made Park the sole CEO of Korean operations.
Investigation and Potential Penalties
South Korean police raided Coupang’s Seoul headquarters as part of an investigation into the data breach. Officials believe the breach occurred over five months due to bypassed cybersecurity systems. President Lee Jae Myung expressed concern over the prolonged period of unauthorized access.
The company faces a potential fine of up to 1 trillion won ($681 million) regarding the incident. Founder Bom Kim has been summoned to appear before a parliamentary hearing on December 17.
Details of the Data Breach
The data breach affected nearly two-thirds of the South Korean population, granting unauthorized access to shipping addresses and phone numbers. During a parliamentary grilling, Park stated that a Chinese national, a former employee who had worked on the authentication system and later returned to China, was involved in the attack.
Gopher Security's AI-Powered Zero-Trust Architecture
In light of these breaches, Gopher Security offers an AI-powered post-quantum Zero-Trust cybersecurity architecture. Our platform converges networking and security across devices, apps, and environments—from endpoints and private networks to cloud, remote access, and containers—using peer-to-peer encrypted tunnels and quantum-resistant cryptography. This architecture ensures that every access request is verified, preventing unauthorized access and mitigating the risk of data breaches.
- Zero Trust Security
- Post-Quantum Cryptography
- Data breach
Enhance your organization's cybersecurity posture with Gopher Security. Contact us today to learn more about our AI-powered, post-quantum Zero-Trust solutions.
