Republic of Korea: Personal Information Protection Commission required Coupang to implement corrective notification, public disclosure, and strengthened mitigation measures following investigation into data leak

Personal Information Protection Commission required Coupang to implement corrective notification, public disclosure, and strengthened mitigation measures following investigation into data leak

On 3 December 2025, the Personal Information Protection Commission (PIPC) convened an emergency full Commission meeting and required Coupang to implement corrective notification, public disclosure, and strengthened mitigation measures following its …

Scope

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

platform intermediary: e-commerce

Implementation Level

national

Government Branch

executive

Government Body

data protection authority

Complete timeline of this policy change

Hide details

2025-11-30

under deliberation

On 30 November 2025, the Personal Information Protection Commission (PIPC) announced an investigati…

2025-12-03

under investigation

On 3 December 2025, the Personal Information Protection Commission (PIPC) convened an emergency ful…

2026-01-14

under investigation

On 14 January 2026, the Personal Information Protection Commission issued an order requiring Coupan…

2026-06-10

under investigation

On 10 June 2026, the Personal Information Protection Commission imposed a fine of KRW 624.681 billi…

2026-06-12

under investigation

On 12 June 2026, the Personal Information Protection Commission resumed and consolidated two collec…

Description

Personal Information Protection Commission required Coupang to implement corrective notification, public disclosure, and strengthened mitigation measures following investigation into data leak

Scope

Complete timeline of this policy change