Last updated 1 month ago
South Korean e-commerce giant Coupang experienced a data breach in June 2025 that exposed customer information. The breach prompted a class action lawsuit led by US law firm Hagens Berman, which alleges security failures enabled the incident. The lawsuit focuses on Coupang's security practices and their impact on customer data protection.
Specific details regarding the initial access vector, exploitation techniques, and affected infrastructure remain undisclosed in the article. The exact data types exfiltrated during the breach are not specified, though the legal action centers on compromised customer information. No threat actor attribution or specific TTPs are mentioned in the available reporting.
The breach has progressed to litigation, with Hagens Berman filing a class action lawsuit in the United States against Coupang. The lawsuit alleges security failures and seeks damages for affected customers. The legal action is proceeding ahead of a stated class action deadline, indicating ongoing legal and regulatory consequences from the incident.
South Korean police conducted a raid on Coupang premises and the CEO resigned, indicating significant new legal/regulatory developments and executive accountability actions.
The Coupang breach demonstrates that e-commerce platforms handling vast customer data remain high-value targets, and security failures can lead to significant legal liability across multiple jurisdictions. The class action lawsuit specifically alleges inadequate security practices, highlighting the importance of robust data protection measures that meet both operational security needs and legal compliance standards. This case shows how security incidents can quickly escalate from technical breaches to complex international litigation with substantial financial implications.
Sign in to join the discussion.
Company
Industry
Location
Disclosed
Records Affected