As part of an investigation into an insider data breach at South Korea’s largest online retailer, the company said it recovered a smashed laptop that had been bundled into a canvas bag, weighted down with bricks, and thrown into a river in an alleged attempt to destroy evidence.
Coupang, often described as South Korea’s version of Amazon, has faced widespread criticism in recent weeks after announcing in November that the personal details of 33.7 million customer accounts had been compromised by a former employee.
In a statement published over the Christmas holiday, the company defended its handling of the incident, saying it followed government orders at all times and cooperated fully with the authorities, even as it faced what it described as false accusations of negligence from “governmental agencies, the National Assembly, and parts of the media.”
Responding to “the continued misstatements that Coupang was conducting an investigation without governmental oversight,” the company revealed the details of the ongoing probe and announced a voucher scheme worth 1.685 trillion won ($1.18 billion) to compensate affected individuals.
The company said it was “fully acknowledging its responsibility for the recent personal information leak incident” with Harold Rogers, the company’s interim CEO, saying all of Coupang’s executives and employees “deeply regret the significant concern and distress the recent personal data leak has caused our customers.”
Rogers, previously the chief administrative officer of Coupang’s U.S.-based parent company, replaced Park Dae-jun who resigned amid the leak scandal in mid-December.
The voucher scheme has been criticized for only applying to Coupang’s own services and platforms, with Choi Min-hee, chair of the National Assembly’s science, technology and broadcasting committee, accusing the company of attempting to turn the crisis into a business opportunity.
“Everyone at Coupang and the government authorities has been working tirelessly together to address this critical issue, and we are now providing an important update,” the company announced.
It confirmed using “digital fingerprints and other forensic evidence to identify the former employee who leaked user data. The perpetrator confessed everything and revealed precise details about how he accessed user data,” the company stated.
Coupang said it received government approval to contact the leaker and, after an initial meeting, retrieved the leaker’s desktop and hard drives. As a result of questioning, an additional device, a MacBook Air laptop, was identified and then recovered by a diving team from a nearby river.
Despite the laptop being smashed and submerged in fresh water, Coupang said its forensics teams — comprising staff from Mandiant, Palo Alto Networks and Ernst & Young — were successfully able to document and take inventory from the device before it was handed over to government investigators.
The forensic analysis revealed that although the individual “accessed 33 million accounts,” they “only retained user data from approximately 3,000” of them which was subsequently deleted following news reports of the breach. The company said there is no evidence this data was sold or shared with third parties, though authorities continue to investigate.
Shares in the company rose 6% following its update about the investigation and tentative confirmation of the limited impact of the breach, although legal challenges — including scrutiny by lawmakers in South Korea, and a class action lawsuit pending in the United States — continue to pose a risk to Coupang’s finances.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Alexander Martin
is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.
