South Korea Fines Coupang Record $409 Million for Data Breach

South Korea's Personal Information Protection Commission (PIPC) has levied a record 624.6 billion won (approximately $409 million) fine against e-commerce giant Coupang for a massive data breach. The penalty, the largest ever imposed by the regulator, stems from a security incident that exposed the personal data of more than 37 million customers.

The record fine reflects the severity and scale of the breach, which affected a significant portion of Coupang's user base in South Korea. The PIPC determined that Coupang failed to adequately protect customer data, violating the country's strict personal information protection laws. This marks the largest penalty ever issued under South Korea's data privacy framework.

According to the PIPC's findings, the breach involved unauthorized access to Coupang's systems, resulting in the exposure of sensitive customer information. While the specific types of data compromised have not been fully detailed, the commission cited negligence in Coupang's data security practices as a contributing factor. The incident is among the largest data breaches in South Korean history.

Coupang has not yet publicly detailed the specific vulnerabilities exploited or the timeline of the breach. However, the company is likely required to implement enhanced security measures and may face additional regulatory scrutiny. The fine signals a tougher enforcement stance by South Korean regulators on data privacy violations.

Coupang has announced plans to comply with the PIPC's ruling and is reviewing its data protection protocols. The company may also explore legal avenues to contest the fine. This case underscores the growing global trend of increased financial penalties for data breaches, especially those affecting large user bases.