Suspicion is growing that a leak of 30 million customer records at Coupang was caused by an internal act by a former employee rather than external hacking.

Industry sources said on the 30th that the person involved was a former Coupang employee of Chinese nationality. The person was reported to have already left the company and South Korea, raising expectations of difficulty for police investigators.

The Seoul Metropolitan Police Agency’s cyber unit received a complaint Coupang filed on the 25th and opened an investigation. The complaint listed the suspect as unidentified, but the absence of external intrusion reported earlier by Coupang has drawn attention to the possibility of an insider.

Coupang said in a statement on the 20th that it confirmed unauthorised access to customer data and found no signs of external infiltration into its systems or networks. The leak so far covers about 33.7 million accounts, roughly equal to the data of three out of every four adults in South Korea. Exposed information includes names, emails, phone numbers, addresses and some order records.

Coupang believes attempts to breach data began on June 24. Unlike major leaks at SK Telecom, KT and Cyworld, which were caused by hacking, this incident is suspected to involve an employee, prompting criticism that it reveals weak internal security controls at Coupang.

The size of the leak is close to the 2011 Cyworld and Nate hacking incident, which affected about 35 million people. The SK Telecom case, which led to the largest fine ever imposed by the Personal Information Protection Commission, was also caused by hacking.

Separately from the police probe, the government has formed a joint public-private team to investigate the cause and prepare measures to prevent a recurrence. The Personal Information Protection Commission received official reports on the 20th and 29th and is investigating. It has said it will impose strict sanctions if violations of safety requirements under the personal information protection law are confirmed.