TLDR
- Coupang stock fell 9% in premarket trading after the company disclosed a data breach affecting more than 33 million customers in South Korea
- The breach started June 24 but went undetected until November 18, exposing names, emails, phone numbers, addresses and order histories
- A former Chinese contractor allegedly used an expired authentication key that remained active to access customer data without authorization
- Over 10,000 customers are preparing a class action lawsuit seeking minimum compensation of $68 per affected individual
- South Korean regulators launched investigations into possible violations of personal information protection laws and security failures
Coupang shares dropped 9% in premarket trading after revealing a major security breach. More than 33 million customer accounts were compromised in the incident.
The breach represents South Korea’s worst data leak in over ten years. Personal information including names, email addresses, phone numbers, shipping addresses and order histories was exposed.
Unauthorized access began on June 24 through overseas servers. Coupang didn’t detect the breach until November 18, creating a five-month window of exposure.
The company emphasized that payment details and login passwords were not compromised. This limits direct financial risk for affected customers.
Former Contractor Under Investigation
South Korean authorities opened investigations into the security failure. Science Minister Bae Kyung-hoon said the attacker “abused authentication vulnerabilities” in company systems.
Officials are determining whether Coupang violated personal information protection regulations. The lengthy detection delay raises concerns about monitoring capabilities.
Coupang suspects a former Chinese contractor who handled authentication tasks. This individual allegedly accessed systems after their employment contract ended.
Lawmaker Choi Min-hee stated the ex-contractor used an authentication key that wasn’t deactivated properly. This allowed unauthorized database access for months without detection.
Police are tracing IP addresses connected to the breach. They’re also examining technical vulnerabilities that enabled the attack.
Legal Liability Grows
The breach sparked immediate legal action. More than 10,000 affected customers plan to join a class action lawsuit.
Lawyer Ha Hee-bong estimated compensation could exceed 100,000 won per person. That translates to roughly $68 per affected individual.
With 33 million compromised accounts, total potential liability could reach billions. Actual settlement amounts typically differ from initial demands.
Despite the breach, some analysts maintained their positions. Bank of America Securities and Morgan Stanley kept their price targets unchanged.
These firms cited growth potential and management response as reasons for confidence. However, insider selling activity increased following the announcement.
Coupang had gained 26.33% year-to-date before the selloff. The company’s market cap stands at $51.44 billion.
Daily trading volume averages 11.3 million shares. Technical signals showed a “Buy” rating before the breach disclosure.
Regulatory Review Continues
Korean regulators are examining the breach timeline closely. The gap between occurrence and discovery concerns officials.
Authentication system management is a primary investigation focus. Authorities want to understand why terminated employee credentials remained active.
Coupang faces potential regulatory fines and penalties. The company must also handle thousands of customer complaints.
Police continue working to identify everyone involved in the security breach. The investigation includes reviewing server logs and access patterns.
South Korean officials are examining whether additional security measures could have prevented the incident.
Get 3 Free Stock Ebooks
Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.
- Top 10 AI Stocks - Leading AI companies
- Top 10 Crypto Stocks - Blockchain leaders
- Top 10 Tech Stocks - Tech giants
