koreajoongangdaily.joins.com
BY LEE YOUNG-KEUN, KIM JI-HYE

The former Coupang employee accused of leaking 33.7 million customer data had worked at the company for just two years, according to police on Thursday.

According to the Seoul Metropolitan Police Agency and sources familiar with the case who spoke to the JoongAng Ilbo, the suspect in the data breach — identified as a 43-year-old developer and Chinese national — was affiliated with Coupang's Seoul office. The person joined Coupang in November 2022 and was assigned to work on a key management security system before leaving the company late last year.

It’s difficult to understand from a common sense perspective why a newly hired developer with foreign nationality would be given access to sensitive customer information — especially in today’s security-conscious corporate environment,” said an industry source. “Given that such duties typically require strict security training and pledges, it raises questions about whether the company’s protocols were adequate.”

Coupang disclosed on Nov. 29 that approximately 37.7 million customer accounts had been exposed. The compromised data includes names, email addresses, saved delivery addresses, partial order histories and, in some cases, access codes for shared building entrances.

Due to the massive scale of the breach, police have been raiding Coupang’s headquarters in Songpa District, southern Seoul, for three consecutive days since Tuesday. Thursday's raid began around 9:40 a.m. Investigators are focused on securing records that can explain how the suspect allegedly gained access to Coupang’s security system and extracted the data. These include internal documents, work logs and system records related to the key management platform the suspect worked on during the employment period.

Police are also analyzing logs stored in the company’s security system, such as IP addresses, user credentials and access histories.

Coupang filed a criminal complaint with police on Nov. 25 regarding the leak. The police initially began an investigation based on documents submitted voluntarily by the company, but launched a compulsory search starting Tuesday. Investigators plan to trace the suspect’s methods and movements using the evidence collected in the raid. If Coupang’s negligence or legal violations are uncovered in the process, the company — currently treated as the victim — and employees responsible for handling personal information may also become subjects of investigation.

Meanwhile, the number of phishing scams linked to the Coupang breach has surged in recent days. According to Democratic Party lawmaker Lee Jeong-heon of the National Assembly’s Science, ICT, Broadcasting and Communications Committee, police received 229 phishing reports between Nov. 30 and Tuesday.

Most reports involved scams impersonating Coupang and offering fake compensation or claiming to be sending deliveries. Other familiar tactics, such as fake product review programs or phony prize announcements, were also used — many of which predate the breach.

“This incident is raising serious concerns over secondary damage such as phishing crimes,” Lee said. “Coupang and Executive Chairman Kim Bom must stop hiding behind silence and urgently take responsibility with transparent disclosure and a comprehensive compensation plan.”

chosun.com

Coupang Executives Sell Shares After Data Breach Coupang executives sold shares post-breach; President Lee Jae-myung seeks responsibility Amid growing

Amid growing calls for accountability against Kim Bom-suk, 47, chairman of Coupang Inc., over the data breach affecting 33.7 million individuals, it has been confirmed that key Coupang executives sold billions of won worth of company stock. The timing of these sales—immediately after the incident—is expected to spark significant controversy.

According to a U.S. Securities and Exchange Commission (SEC) filing on the 2nd (local time), Gaurav Anand, Coupang’s chief financial officer (CFO), reported selling 75,350 Coupang Inc. shares at approximately $29 per share on the 10th of last month. The sale amounted to around $2.186 million (approximately 3.2 billion Korean won). Additionally, former Vice President Pranam Kolari sold 27,388 Coupang shares on the 17th of last month, with the transaction valued at $772,000 (approximately 1.13 billion Korean won). Kolari, who oversaw search and recommendation technologies, resigned on the 14th of last month. However, the SEC confirmed he had notified the company of his resignation on October 15th, prior to the incident.

According to a breach incident report submitted to the Korea Internet & Security Agency (KISA) and obtained by the office of Science, ICT, Broadcasting, and Communications Committee Chairman Representative Choi Min-hee, Coupang reported unauthorized access to its account information at 6:38 p.m. on the 6th of last month. This predates the executives’ stock sales. However, the company recorded the time of awareness as 10:52 p.m. on the 18th of last month. While the sales occurred before the company publicly acknowledged the breach, the transactions took place after the incident itself, making controversy inevitable.

Domestically, criticism has emerged holding Chairman Kim ultimately responsible for the incident. President Lee Jae-myung also stated during a Cabinet meeting on the 2nd, “Coupang has caused significant public concern. The cause of the accident must be identified swiftly, and responsibility must be held strictly,” while instructing measures such as strengthening penalties and implementing a punitive damages system.