South Korea fines Coupang $408m over biggest data leak in country’s history

Data extortion watchdog says e-commerce elephantine failed to instrumentality information measures and delayed reporting breach.

South Korea has deed e-commerce elephantine Coupang with a grounds $408m good implicit a leak that allegedly exposed the information of much than 30 cardinal customers and provoked the ire of US lawmakers.

The Personal Information Protection Commission said connected Thursday that the New York-listed institution had leaked idiosyncratic information of much than 33 cardinal customers and failed to study the breach wrong the 72 hours required by the law.

Recommended Stories

• list 1 of 4Iran announces closure of Strait of Hormuz pursuing US strikes
• list 2 of 4Nigerian migrants fly South Africa aft spike successful xenophobic protests
• list 3 of 4Which World Cup players and officials person faced visa troubles successful the US?
• list 4 of 4‘Not kings of the world’: Infantino defends FIFA, US amid visa criticism

“This mishap occurred owed to Coupang’s deficiency of information measures and systems, not blase hacking,” Song Kyung-hee, the chairperson of the privateness regulator, told a briefing connected Thursday.

Coupang “delayed breach notifications”, Song said.

“As a result, those individuals were unaware of the breach and deprived of the accidental to instrumentality steps to forestall secondary harm,” she said.

After the good was announced, Coupang apologised for having caused interest to the nationalist and its customers.

But the institution said that “we regret that our proactive measures to forestall secondary harm from past year’s information leak incident, arsenic good arsenic our explanations based connected wide facts, were not sufficiently reflected” successful the regulator’s decision.

Coupang, which is based successful Seattle, the United States, but generates astir of its gross successful South Korea, signalled that it would situation the good successful court.

The good is by acold the largest ever punishment for a information leak successful South Korea, acold exceeding the erstwhile grounds of an $88m good imposed past twelvemonth connected mobile bearer SK Telecom.

The punishment follows a uncovering by a government-led probe earlier this twelvemonth that blamed the breach connected absorption failure.

South Korea’s Ministry of Science and ICT astatine the clip said that a erstwhile employee, who was a Chinese national, stole a information cardinal and gained unauthorised entree to lawsuit accounts.

The probe into the information breach added to commercialized friction with Washington amid concerns that South Korean authorities had gone excessively acold successful their attraction of the US-listed company.

In April, South Korean lawmakers sent a associated letter, raising concerns implicit “undue pressure” from US politicians regarding Seoul’s probe into the e-commerce giant.

The letter, co-signed by astir 100 politicians, followed accusations by US Republicans that the probe into the US-listed institution constituted “discriminatory regulatory actions” against US businesses.

Coupang is estimated to power astir 40 percent of South Korea’s logistics services, the largest marketplace stock among peers, according to Seoul-based IM Securities.

“Coupang has grown its e-commerce work importantly based connected immense lawsuit data,” Song said.

“But the institution did not person a strategy to support and negociate lawsuit accusation contempt its concern scale.”