Coupang CEO resigns as fallout deepens from South Korea’s largest data breach

Coupang chief executive Park Dae-jun resigned Wednesday after taking responsibility for a data breach that compromised personal information belonging to nearly two-thirds of South Korea’s population, triggering a nationwide backlash and intensifying regulatory scrutiny of the country’s largest online retailer.

Coupang, an e-commerce company founded in 2010 and widely known for its rapid “rocket delivery” logistics network, confirmed Park’s departure in a statement. The company named Harold Rogers, chief administrative officer of its U.S.-based parent group, as interim chief executive. Park’s exit marks the highest-profile leadership change since the breach came to light late last month.

The incident exposed names, email addresses, phone numbers and shipping addresses of more than 33 million customers. Company officials disclosed that the intrusion persisted for five months before detection, allowing unauthorized access to systems that store customer information. The breach has prompted a government investigation, parliamentary inquiries and mounting public anger, as millions of Koreans work to secure compromised personal data.

Police raided Coupang’s headquarters this week as part of an effort to determine how the attack unfolded and to identify the perpetrator. Park faced hours of questioning from lawmakers in recent days over the company’s response and the origins of the intrusion. He told parliament that the attacker was a former developer involved in Coupang’s authentication system who later sent an email claiming possession of the data and threatening disclosure unless security improvements were made. The individual is believed to be in China.

President Lee Jae-myung criticized the company’s failure to detect the breach earlier, calling it “truly astonishing” that unauthorized access continued for months without notice. The government is preparing a comprehensive probe, and lawmakers have said the company could face penalties of up to one trillion won. Coupang is also facing potential lawsuits in South Korea and the United States.

The retailer apologized publicly, stating it would bolster its cybersecurity measures to prevent similar incidents. The crisis has contributed to a decline of more than 4 percent in the company’s U.S.-listed shares since the breach became public on November 30.