"The e-commerce giant's data breach exposed 33.7 million customers-nearly two-thirds of the entire country's population-after hackers operated undetected for five months through overseas servers. Police have identified a former Chinese employee as the primary suspect, who exploited stolen encryption keys and authentication vulnerabilities to access customer names, phone numbers, email addresses, and delivery information. The suspect fled the country before authorities could make an arrest."
"Coupang initially reported only 4,500 compromised accounts on Nov. 20, but further investigation revealed the actual number was nearly 7,500 times larger than first believed. The breach began Jun. 24 and continued undetected until Nov. 18-a five-month window that has prompted President Lee Jae-myung to call the failure "truly astonishing." Throughout this period, attackers systematically harvested personal data while Coupang's security systems remained completely blind to the infiltration."
"Payment details remained secure, according to company statements, but the exposed information includes everything criminals need for identity theft and targeted phishing campaigns. South Korean authorities have raided Coupang's headquarters twice recently, searching for evidence about how such extensive unauthorized access could continue unnoticed. The breach couldn't have come at a worse time for South Korea's digital economy ambitions. Just as the government pushes to establish the country as a global AI leader, public trust in data protection has crumbled overnight."
A cyberattack exposed personal data of 33.7 million Coupang customers after attackers operated undetected for five months via overseas servers. Investigators identified a former Chinese employee as the primary suspect who used stolen encryption keys and authentication flaws to access names, phone numbers, emails, and delivery details; the suspect fled the country. Coupang initially underreported the breach as 4,500 accounts before investigations revealed the far larger scale. Payment information was reportedly not exposed, but the leaked data enables identity theft and targeted phishing. Authorities have raided company headquarters and the incident has triggered political backlash and regulatory scrutiny.
Read at TechRepublic
Unable to calculate read time
Collection
[
|
...
]