Logos on facade at the shared headquarters of Internet company Coupang and security company SentinelOne in the Silicon Valley town of Mountain View, California, October 28, 2018.
Smith Collection | Gado | Archive Photos | Getty Images
South Korea’s biggest online retailer, Coupang apologised on Sunday over the breach of personal information from 33.7 million customer accounts through unauthorized data access.
“We sincerely apologise once again for causing our customers inconvenience,” Park Dae-jun, CEO of the firm dubbed the Amazon.com of South Korea, posted on its website.
The incident is the latest in a series of data leaks at major South Korean companies, including SK Telecom.
The government, which held an emergency meeting on Sunday, is looking into whether Coupang violated safety rules regarding personal information protection, said Minister of Science and ICT Bae Kyung-hoon.
Coupang said on Saturday that it learned of the data breach on November 18 and reported it to authorities. It said it was working with law enforcement and regulatory authorities.
The company, whose services are ubiquitous for many Koreans using its “Rocket” fast deliveries, has said it had 24.7 million active commercial users in the third quarter.
Yonhap News Agency reported on Sunday that a Chinese former employee at Coupang was suspected of being behind the breach. Coupang sent a complaint to police this month, and police are investigating, Yonhap said, without citing the sources of its information.
Coupang could not immediately be reached for comment outside business hours.
The breach exposed customers’ names, email addresses, phone numbers, shipping addresses and certain order histories but not payment details or login credentials, Coupang said.
The unauthorised access of personal information was believed to have started on June 24 through overseas servers, it said.
The government-run Korea Internet & Security Agency issued a public advisory for those affected by the breach, warning them about phishing scams.