Coupang, the most important retailer in South Korea, introduced $1.17 billion (1.685 trillion Gained) whole compensation for the 33.7 million clients whose data was uncovered within the data breach found final month.
The compensation will likely be supplied steadily, beginning on January 15, 2026, to all Coupang clients, together with WOW and non-WOW members, in addition to those that canceled their membership.
“Coupang will present every buyer with 4 single-use buy vouchers totaling 50,000 received [around $34]: all Coupang merchandise, together with Rocket Supply, Rocket Abroad, Vendor Rocket, and Market (5,000 received), Coupang Eats (5,000 received), Coupang Journey merchandise (20,000 received), and R.LUX merchandise (20,000 received),” the corporate says.
The corporate goals to revive buyer belief following a data breach that occurred on June 24, nevertheless it was found solely in mid-November.
Coupang is a U.S.-based tech and on-line retail firm that operates within the South Korean market. It employs 95,000 individuals and has an annual income of greater than $30 billion.
The breach was one of many worst in South Korea’s historical past. It uncovered names, electronic mail addresses, bodily addresses, and order data of 33.7 million Koreans, and prompted the nationwide police to take over the investigation.
In response to the authorities, the first suspect is a 43-year-old Chinese language nationwide who labored for the retail big within the IT division between November 2022 and as much as some level in 2024, when he left the agency.
An replace from Coupang earlier this week explains that it contacted the previous worker straight earlier this month, met with them, and ultimately recovered their desktop pc’s onerous drives containing the delicate knowledge.
A MacBook Air laptop computer belonging to the suspect was additionally recovered from a river, the place they disposed of it in an try and destroy proof.
Supply: Coupang
Primarily based on present data from the investigation, aided by Mandiant, Palo Alto Networks, and Ernst & Younger, the perpetrator accessed 33 million accounts however retained person knowledge from roughly 3,000.
Coupang says that the previous worker didn’t switch any of this knowledge to others, and he subsequently deleted it from his gadgets as effectively.
Damaged IAM is not simply an IT drawback – the impression ripples throughout your entire enterprise.
This sensible information covers why conventional IAM practices fail to maintain up with fashionable calls for, examples of what “good” IAM appears to be like like, and a easy guidelines for constructing a scalable technique.
