More than 30 million records were leaked in a major data breach at Coupang, South Korea’s largest e-commerce platform. The company confirmed about 30,370,000 customer accounts were exposed. The photo shows Coupang headquarters in Seoul on Nov. 30. [Photo: Yonhap]

The government moved to respond quickly and prevent further damage after a breach at Coupang.

It held an emergency meeting at the Seoul Government Complex on Nov. 30, chaired by Deputy Prime Minister and Minister of Science and ICT Bae Kyung-hoon. Senior officials from the Prime Minister’s Office, the Personal Information Protection Commission, the National Intelligence Service and the National Police Agency attended.

Authorities have been conducting on-site inspections since receiving a breach report from Coupang on Nov. 19 and a personal data leak report on Nov. 20.

The investigation confirmed that an attacker exploited an authentication vulnerability in Coupang’s servers to access about 33.7 million customer accounts without a normal login. The leaked data included names, emails and delivery phone numbers and addresses. Coupang said payment data, credit card information and customer login credentials were not included.

To conduct a detailed investigation and prevent further damage, the government launched a joint public-private investigation team on the same day. The Personal Information Protection Commission is also examining whether Coupang violated safety requirements such as access control, access rights management and encryption.

On Nov. 29, the government issued a public security notice to prevent secondary damage such as phishing and smishing linked to the breach. It also designated a three-month period starting that day to strengthen monitoring of personal data exposure and illegal distribution online.

Deputy Prime Minister Bae Kyung-hoon said people should remain cautious about calls or messages impersonating Coupang to avoid secondary damage. He said the government would work to address public inconvenience and concern caused by the incident.

Coupang CEO Park Dae-joon apologised for the leak. Before attending the emergency meeting, he said he regretted the recent incident that began on June 24 and apologised for the inconvenience and concern caused.

He said protecting all customer data was Coupang’s top priority and that the company maintained comprehensive data protection measures and processes.

Park apologised again for causing concern and said Coupang would continue to prioritise the safety and security of customer information.

Keyword

#Coupang #Bae Kyung-hoon #Ministry of Science and ICT #Personal Information Protection Commission #Park Dae-joon
Copyright © DigitalToday. All rights reserved. Unauthorized reproduction and redistribution are prohibited.