Coupang on the 7th, following a government directive related to the large-scale data leak incident, posted a revised notice and guidance to prevent secondary damage including phishing.
Through a notice that day, Coupang said, "There has been an incident in which your personal information was leaked," and added, "There has been no new leak incident, and we are providing precautions to prevent additional damage such as impersonation and phishing regarding the personal information leak incident that we have been informing you about since on the 29th of last month."
Coupang said, "As soon as we became aware of this leak, we promptly reported it to the relevant authorities," and explained, "In cooperation with the Ministry of Science and ICT, the Korean National Police Agency, the Personal Information Protection Commission, the Korea Internet & Security Agency (KISA), and the Financial Supervisory Service, it is under investigation."
Coupang said, "We have repeatedly confirmed that there has been no leak of payment information such as your card or account numbers, login-related information such as passwords, or personal customs clearance codes," and added, "The Korean National Police Agency announced that through a full-scale review to date, it has found no suspected cases of secondary damage using information leaked from Coupang."
Earlier, on the 3rd, the Personal Information Protection Commission demanded that Coupang revise its notification from "exposure" of personal information to "leak," and reissue it to fully reflect the leaked items.
This was because Coupang, even after identifying that customer personal information had been leaked, informed data subjects under the title of an "exposure" notice, drawing criticism.