South Korean police have searched the headquarters of Coupang as part of an investigation into a data breach that exposed information from about 34 million customer accounts. The search was carried out by officers from a cybercrime unit at the company’s office in Songpa-gu. Investigators collected system logs, work records, and other material to determine how the breach occurred and whether internal security procedures were followed. Authorities described the incident as one of the largest data exposure cases recorded in the country.
Coupang stated that the leaked information included names, email addresses, phone numbers, shipping addresses, and parts of order histories. The company said that payment data and login credentials were not compromised. Officials reported that the breach appeared to have begun in late June 2025 and continued undetected for several months. Suspicious overseas server connections were identified in November, which led to further internal checks and eventual confirmation of the incident.
Investigators are examining the possibility that authentication keys were not adequately managed. Authorities said that a former employee retained valid access tokens after leaving the company. They reported that these tokens may have allowed the extraction of large volumes of customer information. The inquiry is focused on verifying how the access was used and whether security controls were sufficient to prevent unauthorised data use.
Public disclosure of the breach in mid-November prompted a decline in user activity on the platform. Mobile analytics data indicated a sharp drop in daily active users following the announcement. Analysts said that the reduction in activity reflected concerns about the handling of personal information and uncertainty about the extent of the breach.
Police officials said the investigation may expand to examine whether management teams complied with required security standards. They stated that responsibility for safeguarding customer information includes maintaining proper access control and monitoring internal system activity. If investigators find evidence of negligence or failure to enforce required procedures, they may question or investigate additional personnel.
The incident has led to broader discussion about data protection standards in the country. Consumer groups and industry specialists have called for stronger regulatory oversight to ensure companies that manage large volumes of personal information maintain consistent and effective security practices. They noted that breaches of this scale highlight the need for regular audits, updated access control systems, and prompt reporting when irregularities appear. Authorities said the investigation will continue until the source of the breach and any related responsibilities are fully identified.
Incoming search terms:
Site Disclaimer
2-remove-virus.com is not sponsored, owned, affiliated, or linked to malware developers or distributors that are referenced in this article. The article does not promote or endorse any type of malware. We aim at providing useful information that will help computer users to detect and eliminate the unwanted malicious programs from their computers. This can be done manually by following the instructions presented in the article or automatically by implementing the suggested anti-malware tools.
The article is only meant to be used for educational purposes. If you follow the instructions given in the article, you agree to be contracted by the disclaimer. We do not guarantee that the artcile will present you with a solution that removes the malign threats completely. Malware changes constantly, which is why, in some cases, it may be difficult to clean the computer fully by using only the manual removal instructions.