Data leaks of consumer information are continuing in the retail industry.
According to the industry on the 30th, a large-scale customer data leak recently occurred at Coupang. As of the day before, the scale of the damage identified was about 33.7 million customer accounts. In effect, the information of three out of four adults was leaked.
Earlier, on the 18th, Coupang said it had recognized that information was leaked from about 4,500 accounts, but the number has since increased about 7,500-fold. The leaked information includes names, email addresses, and shipping address books (phone numbers, addresses). Some order information was also exposed.
Police have launched an investigation into the Coupang customer data leak. The government formed a joint public-private task force and put it into operation starting today. Through the task force, it plans to analyze the cause of the incident and draw up measures to prevent a recurrence.
This is not the first data leak at Coupang. According to materials obtained by Han Chang-min of The Social Democratic Party of Korea, a member of the National Policy Committee, from the Personal Information Protection Commission, Coupang was subjected to a penalty surcharge and fines three times since 2020 over leaks including delivery workers' personal information.
Because retailers including Coupang steadily collect consumer information for membership management, cyber security issues such as recent hacks and resulting data leaks continue without letup.
In Jan.–Feb. this year, a personal information leak occurred at GS Retail. At the time, signs emerged of a leak affecting about 90,000 convenience store website customers and 1.58 million records on the home shopping website. To manage the fallout, the company launched an information protection countermeasures committee with participation from top management.
At the luxury platform Must It in June, customer data including names, phone numbers, and email addresses were leaked. It said that luxury brands such as Dior, Tiffany, Cartier, and Louis Vuitton, as well as the sports apparel brand Adidas, also saw successive customer data leaks from May to July.
Around the same time in the dining industry, a customer personal information leak occurred at Korea Papa John's. The leaked data included not only customer names, contact information, and addresses but also some card information.