Coupang Data Breach Targets 34 Million Customer Accounts

A data breach at Coupang has exposed personal information of nearly 34 million customers.

The eCommerce company, considered the “Amazon of South Korea,” revealed the breach on Saturday (Nov. 29), Reuters reported. Coupang said the unauthorized access to customer info appears to have begun in June via overseas servers.

“Subsequent investigation has revealed that the extent of customer account exposure is about 33.7 million accounts, all in Korea,” the company said, adding that it became aware of the data breach on Nov. 18 and reported the incident to authorities.

A report by the Korea Economic Daily says that the 33.7 million figure represents Coupang’s entire customer base, calling the breach the biggest crisis in the company’s history.

Coupang said the exposed data is limited to customers’ names, email addresses, phone numbers, shipping addresses and some order histories, but does not include login information or payment details. An investigation is underway, and Coupang said it continues to work with regulators and law enforcement.

In other cybersecurity news, PYMNTS wrote earlier this month about Anthropic’s revelation that its Claude Code model had been manipulated into carrying out a wide-ranging cyberespionage operation across about 30 finance, technology, manufacturing and government organizations.

Industry insiders who PYMNTS spoke with about the incident said it illustrates the way fraudsters are evolving alongside technology, presenting risks to automated systems from outside AI systems and necessitating safeguards.

Eva Nahari, chief product officer at AI solutions firm Vectara, told PYMNTS that the case shows how automation changes the threat landscape. She said, “With automation comes velocity and scale,” and that attackers are now acquiring the same knowledge and creative advantages AI gives enterprises.

Nahari described the campaign as “global, industry-agnostic and growing,” adding that security teams have been anticipating this shift since the earliest days of popular large language models.

And Larissa Schneider, chief operating officer and co-founder of platform developer Unframe AI, told PYMNTS that the event reveals a new model-supply-chain risk for regulated financial institutions. She said the attack demonstrates how behavioral risk can flow into a bank simply because it relies on an external model.

Schneider added that banks now need segmentation, continuous validation and governance frameworks much like the ones designed for software supply chain threats.

The post Coupang Data Breach Targets 34 Million Customer Accounts appeared first on PYMNTS.com.