Republic of Korea: Personal Information Protection Commission announced investigation into Coupang over data leak of customer and account information

On 30 November 2025, the Personal Information Protection Commission (PIPC) announced an investigation into Coupang, an e-commerce platform, over a data leak of customer and account information. The PIPC first received notice of data leaks on 20 November and began investigating on 21 November. On 29 November, the PIPC received notice of a second leak. Initially, it appeared that 4'536 customers' personal information was leaked, but during the investigation, it was determined that over 30 million accounts were hacked. Due to the scale of the attack, the Ministry of Science and ICT intends to form a public-private joint investigation team to analyse the incident and help prepare prevention measures. Ministry of Science and ICT and the PIPC also issued a public security notice to prevent secondary damage.