From Riverbeds to Refunds: Inside Coupang’s $1.17 Billion Data Breach Scandal
Subtitle: South Korea’s retail giant faces public reckoning after a historic breach exposes over 33 million customers.
On a chilly November morning, a battered MacBook Air was fished out of a South Korean river-its waterlogged circuits holding secrets from one of the country’s largest data breaches. The story behind this laptop is a tale of trust broken, digital evidence nearly lost, and a $1.17 billion question: can Coupang, the e-commerce titan, win back its customers after exposing the personal data of nearly two-thirds of South Korea’s population?
The breach, which occurred on June 24 but was only discovered months later, is being called one of the worst in South Korean history. Coupang-a company with more than $30 billion in annual revenue and 95,000 employees-was forced to confront the unthinkable: data on 33.7 million customers, including both current and former members, had been exposed. The fallout was swift and severe, prompting a nationwide investigation and a scramble for damage control.
At the heart of the case is a former IT staffer-a 43-year-old Chinese national-who allegedly accessed and retained sensitive customer information over a period spanning late 2022 to 2024. Authorities say the suspect did not transfer the data to outside parties and ultimately deleted most of it. Yet the breach’s scale and the fact that a trusted insider was responsible have shaken public confidence. The suspect’s attempt to destroy evidence, including tossing a MacBook Air into a river, reads like a scene from a cyber-thriller.
Coupang’s response has been to offer tangible restitution: each affected customer will receive four single-use purchase vouchers totaling 50,000 won (about $34), covering products across its vast online ecosystem. Compensation distribution will begin in 2026-a timeline that leaves many customers waiting nearly two years for redress. The company hopes these gestures, paired with assurances that the stolen data was not widely leaked, will help repair its battered reputation.
The investigation, supported by digital forensics experts from Mandiant, Palo Alto Networks, and Ernst & Young, traced the breach to the suspect’s company-issued desktop and recovered devices. Despite initial fears, Coupang claims the majority of the data was not duplicated or sold, and only about 3,000 user records were retained by the perpetrator.
As South Korea’s digital economy continues to grow, the Coupang breach is a sobering reminder: even the largest, best-resourced companies remain vulnerable to insider threats. For Coupang and its millions of customers, the journey from riverbeds to refunds is far from over.
WIKICROOK
- Data Breach: A data breach is when unauthorized parties access or steal private data from an organization, often leading to exposure of sensitive or confidential information.
- Insider Threat: An insider threat is when someone within an organization misuses their access to systems or data, intentionally or accidentally causing harm.
- Digital Forensics: Digital forensics involves collecting and analyzing digital evidence to investigate cybercrimes, support law enforcement, and ensure data integrity in legal cases.
- Purchase Voucher: A purchase voucher is a code or coupon enabling purchases up to a certain value, providing secure and limited transaction options for users.
- Compensation: Compensation is payment or benefits provided to victims of cyber incidents to cover losses or damages and support recovery efforts.




