Coupang data breach traced to ex-employee who retained system access

Published:

12 december 2025 om 18:28:30

Alert date:

12 december 2025 om 19:01:25

Source:

bleepingcomputer.com

Coupang, a major South Korean e-commerce platform, suffered a significant data breach affecting 33.7 million customers. The breach was traced to a former employee who retained access to internal systems after leaving the company. This incident highlights critical failures in access management and user provisioning processes. The breach exposed customer personal information and demonstrates the insider threat risks organizations face. The scale of the breach makes it one of the larger data exposure incidents involving improper access controls.

Technical details

Former employee who worked on authentication management system retained access to internal systems after leaving the company in 2024. The breach occurred on June 24, 2025, but was only discovered on November 18, 2025. The attacker accessed systems containing customer data including names, email addresses, physical addresses, and order information of 33.7 million customers. Police are investigating system records, IP addresses, user credentials, and access histories to determine how the rogue former employee gained unauthorized access.

Mitigation steps:

Companies should implement proper access management procedures to ensure former employees' system access is immediately revoked upon departure. Monitor for unauthorized access attempts and implement regular access audits. Customers should be aware of increased phishing activity targeting Coupang users and report any suspicious communications impersonating the company.

Affected products:

Coupang online retail platform
Coupang authentication management system

Related CVE's:

Related threat actors:

43-year-old Chinese national former Coupang employee

IOC's:

This article was created with the assistance of AI technology by Perceptive.