South Korea fines Coupang record 624.7 billion won for data leak
The e-commerce giant is widely popular in the country and is based in the US
Add BT as a preferred source
[SEOUL] A South Korean regulator fined the country’s largest e-commerce platform, owned by US-listed Coupang, a record 624.7 billion won (S$527 million) for a wide-ranging cyber-intrusion that escalated into a diplomatic tiff with the US.
The Personal Information Protection Commission’s fine for Coupang, the company’s South Korean entity, is the biggest-ever levied by the country for a personal data breach since a 134.8 billion won penalty on SK Telecom last year.
Under South Korean regulations, it can impose fines of up to 3 per cent of annual sales.
Coupang, South Korea’s leading online retailing platform, has been under fire after regulators discovered a former employee improperly accessed personal information from nearly 34 million accounts, or about two-thirds of the country’s population, undetected for months.
“This incident was caused not by a sophisticated hacking method, but by Coupang’s inadequate basic safety management system and negligent management,” said Kyung Hee Song, the chairperson of the regulator. “The company grew rapidly by using large-scale customer data to deliver innovative e-commerce services, but investigation found that its personal information protection and management systems failed to keep pace.”
Domestic backlash against Coupang, plus multiple South Korean probes into its cybersecurity measures, created friction with the US. South Korean lawmakers have protested what they described as US political pressure over the treatment of the company’s executives.
The e-commerce giant is based in the US and is widely popular in South Korea.
Last month, the company warned that revenue growth will slow this year after the company issued vouchers to customers in response to the breach. Its shares have shed about 35 per cent since the start of the year.
Coupang said that it regretted the regulator’s decision which “did not fully reflect Coupang’s proactive measures to prevent secondary harm following last year’s data leak”.
“Once we receive the commission’s formal written decision, we hope the facts will be clearly established through the legal proceedings,” it added in a statement released after the decision was announced.
Under South Korean law, the company could still challenge the ruling in court.
The committee also imposed a 248 million won fine on Coupang Fulfillment Services, Coupang’s logistics subsidiary, for unlawfully collecting personal information and using it to place individuals on an employment restriction list. BLOOMBERG
Decoding Asia newsletter: your guide to navigating Asia in a new global order. Sign up here to get Decoding Asia newsletter. Delivered to your inbox. Free.
Share with us your feedback on BT's products and services
TRENDING NOW
DBS to launch tokenised physical gold for retail customers in Singapore
‘I felt like dying’: Thai Singha beer scion speaks up after disclosure of alleged sexual abuse
CICT’s S$3.9 billion Paragon buy draws scrutiny over timing, funding at EGM
Evergrande’s liquidation prompts some PwC partners to shield assets, contemplate divorce
