After a massive breach of 33.7 million records erupted at Coupang, the No. 1 e-commerce company in Korea, posts certifying "leaving Coupang" have been popping up online. Some analysts say public opinion soured as it emerged that the scale of damage had surged 7,500 times from the initial announcement.
On Dec. 1, social media and online communities filled with posts certifying departures from Coupang. Users chose "because the service and customer support are unsatisfactory" as the reason for leaving. In the comment field asking "leave what you want from Coupang," they wrote phrases such as "stop selling our personal information" and "get your security right."
Unlike the sign-up process, the process to leave also stoked public anger. To leave Coupang, users must switch from mobile to the PC version. If they signed up for the Wow membership to use free Rocket Delivery shipping and returns, they must first go through the Wow membership cancellation. The same applies to Coupang Pay users.
A 27-year-old office worker surnamed Park who lives in Noryangjin-dong, Dongjak-gu, Seoul, said, "Sign-up takes a split second, but the cancellation process is too cumbersome," and added, "I was trying to leave because of the hacking damage, and it felt almost like they intentionally made it so you can't get out."
The biggest reason for the surge in departure certifications is that the scale of damage ballooned compared with the initial announcement. Coupang said on the 20th of last month that about 4,500 accounts were affected. But on the 29th of last month, it corrected the figure to 33.7 million. In roughly 10 days, the scale swelled about 7,500 times.
With indications that the leak likely occurred from June 24, concerns have risen that additional security measures cannot be trusted. Coupang said payment information was not leaked, but posts advising that changing passwords or leaving and rejoining is safer are spreading quickly.
Some say the apology letter Coupang sent to customers poured fuel on the wave of departures. In the letter, Coupang described the incident as an "exposure," not a leak of personal information. It also called the incident "unauthorized viewing," not hacking.
Communities reacted by saying, "It seems they used wording to downplay the damage," and "It seems they are trying to avoid responsibility by saying the information didn't move."
For customers who made direct overseas purchases through Coupang, there were concerns that the "personal customs code (customs number)," which counts as sensitive information, may also have been leaked. A 28-year-old office worker surnamed Gwon who lives in Jung-gu, Seoul, said, "I have used overseas direct purchases through Coupang, so although it's inconvenient, I plan to reissue my customs number to prevent damage."
Some users, however, said they do not feel a need to leave, given that hacking incidents have been frequent even before Coupang. It was a cynical response that personal information has already become "a public good." A 58-year-old full-time homemaker surnamed Kim said, "With personal information already leaked at a telecom company, I don't see any practical benefit in leaving Coupang."