Coupang’s $1 billion compensation for data breach victims sparks public backlash

Published: 29 December 2025
Last updated: 30 December 2025
Suited man looking through magnifying glass at his hand, red background, coupang logo

A data breach of online retailer Coupang in November became the biggest cyberattack in South Korea’s history. The company is now set to pay $1 billion in compensation to its affected clients – a sum of money that appears substantial only on paper, with critics saying the retail giant is turning a cyber crisis into a business opportunity.

Key takeaways:
  • Nearly 34 million Coupang customers had personal data leaked by a former employee in South Korea's largest cyberattack.
  • Coupang is offering $35 vouchers per customer that can only be spent on its own services, including less popular platforms.
  • Critics say Coupang is turning the crisis into a marketing opportunity rather than providing genuine compensation.
  • The CEO resigned and police raided the company as investigations continue into the breach.
Key Takeaways by nexos.ai, reviewed by Cybernews staff.

Coupang is South Korea’s biggest online retailer – almost 34 million of its clients had their account information leaked in the incident. The company has promised to compensate those affected by offering vouchers worth up to 50,000 won ($35).

ADVERTISEMENT

The vouchers will include 5,000 won applicable to all Coupang products, 5,000 won for Coupang’s food delivery service, 20,000 won for Coupang travel products, and 20,000 won for Coupang’s luxury beauty shopping platform, R.LUX.

The fact that the company will provide compensation that can only be spent on store products and services has sparked a wave of criticism.

Choi Min-hee, a lawmaker from the ruling Democratic Party and chair of the National Assembly's Science, ICT, Broadcasting, and Communication committee, said in a Facebook post that Coupang was "bundling coupons for services no one uses," criticizing the company for offering vouchers tied to its less popular services.

Coupang data breach

She added that Coupang appeared to be trying to turn the crisis into a business opportunity.

The consumer advocacy group “Korea National Council of Consumer Organizations” stated that Coupang's plan made a mockery of consumers and downplayed the severity of the data breach, describing it as a marketing tool designed to encourage additional purchases rather than as a sign of restitution.

When Reuters asked Coupang about the public backlash over the compensation, the company replied it had no further comment.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us
ADVERTISEMENT

Coupang plans to distribute purchase vouchers starting January 15th next year. They will be provided equally to both WOW and non-WOW members. Also, among the voucher receivers are those who had canceled their membership and were notified of the personal data leak.

“Taking this incident as a turning point, Coupang will wholeheartedly embrace ‘customer-centric principles’ and fulfill its responsibilities to the very end, transforming into a company that customers can trust,” said Harold Rogers, Coupang Corp.’s interim CEO, who in the statement also added an apology.

This backlash isn’t the first one in this story. Coupang's US-based chairman and founder, Kim Bom, has failed to show up at parliamentary hearings held in Seoul earlier this month, citing other appointments, leaving critics asking what could have been more important than a data breach that has affected around two-thirds of the nation.

Coupang has identified the culprit

According to the company’s statement, Coupang has identified which of its employees were behind the leak. The company claims to have used digital fingerprints and “other forensic evidence” to identify the former employee who leaked user data.

Although the business does not disclose the name and job title of the suspected person, it states the “perpetrator confessed everything and revealed precise details about how he accessed user data.”

coupang building, yellow background, police officers surrounding it

Cybernews previously reported that the main suspect behind the leak was a Chinese national who was formerly employed by the company.

The perpetrator retained an active authentication key after leaving the company, extracted the data, and attempted to destroy a MacBook Air used in the theft, which was later recovered by divers.

Coupang data breach
ADVERTISEMENT

Coupang states that it’s cooperating fully with all relevant ongoing government investigations and has submitted all devices and hard drives used by the perpetrator to leak user data.

On November 30th, Coupang acknowledged the cyber incident, confirming that millions of accounts were compromised. The person behind it accessed customers’ names, email addresses, phone numbers, shipping addresses, and other information.

However, payment details or login credentials were not compromised, according to the firm.

Following an ongoing investigation, the company, often referred to as the “Amazon of South Korea,” was raided by the Seoul Metropolitan Police.

This was followed by the resignation of Coupang’s CEO’s Park Dae-jun, who took responsibility for the breach at the company.

Unlock more exclusive Cybernews content on YouTube.

ADVERTISEMENT
Share
Post
Share
Share
Share
More from Cybernews
By participating in this viral trend, you help train AI where it struggles the most
Windows hibernation may contribute to SSD wear as storage costs rise
UFO skeptic Michael Shermer apologizes to David Grusch
Man tries to make a sale on Facebook Marketplace, gets scammed out of $300 via Zelle
Critical FFmpeg flaw discovered: just watching a video can fully compromise your system
The world's top intelligence alliance: AI could supercharge cyberattacks within months
ADVERTISEMENT