Former Coupang employee linked to data breach exposing 33.7 million customer records

A massive data breach at Coupang, South Korea’s largest online retailer, has been linked to a former employee who retained access to internal systems after leaving the company, police confirmed this week, as investigators continue probing what authorities have described as the country’s worst cybersecurity incident to date.

The Seoul Metropolitan Police Agency identified the primary suspect as a 43-year-old Chinese national who previously worked for Coupang and is believed to have already left South Korea. Investigators determined that the individual had access to an authentication management system during his tenure and was able to exploit that access after departing the company in 2024.

Coupang disclosed on Dec. 1, 2025, that personal information belonging to approximately 33.7 million customers had been exposed. The compromised data included customer names, email addresses, physical addresses, and order histories. The breach itself occurred on June 24, 2025, but was not detected until Nov. 18, when the company initiated an internal investigation.

On Dec. 6, Coupang issued a public update stating that the stolen data had not appeared online and emphasized that it was cooperating fully with authorities. Despite these assurances, police conducted a raid on the company’s offices earlier this week to collect evidence as part of an independent investigation.

Investigators remained at Coupang’s offices for a second consecutive day, securing internal documents, system logs, access records, IP address data, and credential histories to determine how unauthorized access was maintained and whether internal controls were bypassed or inadequately enforced.

On Wednesday, Coupang Chief Executive Officer Park Dae-jun announced his resignation, issuing a public apology for failing to prevent the breach. Coupang employs roughly 95,000 people and generates more than $30 billion in annual revenue, making the incident one of the most significant data security failures in the country’s history.

Police have stated that while Coupang is currently being treated as the victim of the breach, the company and any employees responsible for safeguarding customer data could face legal liability if negligence or regulatory violations are identified during the investigation.

The breach has also been linked to a surge in phishing and fraud attempts nationwide. Law enforcement agencies have received hundreds of reports of scams impersonating Coupang since the beginning of the month, with authorities estimating that fraudulent activity connected to the incident has affected roughly two-thirds of South Korea’s population.