Coupang Pledges $1.17B Vouchers for 37M Data Breach Victims Amid User Decline

• Coupang’s compensation includes four vouchers: Coupang Eats, Rocket services, Marketplace, Travel, and Allux products worth 50,000 won total per customer.

• The data breach, occurring from late June to early November, stemmed from unauthorized access using an electronic coupon key by a former employee.

• Daily active users dropped from 17.99 million to 15.94 million post-breach, per Mobile Index data, as customers shifted to rivals like Gmarket and Naver Plus Store.

Coupang data breach compensation: $1.17B vouchers for 37.7M customers affected by leaked names, emails, addresses. Interim CEO vows trust restoration. Learn breach details, suspect, impacts—stay secure amid rising phishing risks.

What is Coupang’s Response to the Data Breach?

Coupang data breach compensation plan pledges over $1.17 billion in vouchers to approximately 37.7 million current and former customers, announced on December 29. The initiative aims to restore customer trust by providing sequential payments of about 50,000 won ($34.87) per eligible user, distributed as four distinct vouchers covering Coupang Eats (5,000 won), Rocket Direct Purchase, Seller Rocket, Rocket Delivery, and Marketplace products (5,000 won), Coupang Travel (20,000 won), and Allux products (20,000 won). Customers can verify eligibility and apply via the Coupang app starting January 15, 2026, with further details to follow.

How Did the Coupang Data Breach Occur and Who Is Responsible?

The Seoul National Police Agency has identified a 43-year-old Chinese national, a former Coupang employee from November 2022 to 2024, as the primary suspect in the Coupang data breach. Investigations reveal the individual retained access to internal systems and exploited the company’s electronic coupon key to infiltrate servers, with the breach spanning late June to early November. Second Vice Minister Ryu Je-myung confirmed these details, noting police collection of internal documents, logs, user credentials, access histories, and IP addresses to trace the intrusion. This incident has triggered a surge in phishing attempts mimicking Coupang via texts and calls, prompting the company to advise vigilance against suspicious links and unknown activities. Nearly two-thirds of South Korea’s population faced potential impact, leading to heightened government and legal scrutiny.

Coupang’s interim CEO Harold Rogers addressed the fallout, stating the executive team is deeply reflecting on the harm caused. “All of Coupang’s executives and employees are deeply reflecting on how much concern and anxiety the recent personal information leak has caused our customers,” Rogers remarked. He views the compensation as a core step in responsible customer service and accountability, especially amid criticism from major South Korean organizations.

Frequently Asked Questions

What data was compromised in the Coupang data breach?

The breach affected customer names, email addresses, some order histories, and home addresses for about 37.7 million users. Crucially, payment information and login credentials remained secure, minimizing financial risks but raising privacy concerns over personal details potentially used in phishing scams.

When can affected customers receive Coupang data breach compensation?

Compensation begins January 15, 2026, via the Coupang app, where eligible users check status and redeem vouchers during purchases. Each receives 50,000 won across four types, restoring trust after the June-November incident that spurred user exodus and rival traffic spikes.

Key Takeaways

• Massive Scale Compensation: Coupang allocates $1.17 billion for 37.7 million customers, distributing 50,000 won vouchers per person starting January 2026 to rebuild confidence.
• Insider Threat Exposed: A former Chinese employee’s retained access via server key enabled the breach, highlighting internal security gaps as per Seoul police findings.
• User Behavior Shift: DAUs fell to 15.94 million by December 6, per Mobile Index, boosting rivals like Gmarket (5.8% rise) amid phishing warnings.

Conclusion

The Coupang data breach underscores e-commerce vulnerabilities, with compensation measures signaling proactive accountability amid a suspect’s arrest and user data losses. By issuing $1.17 billion in vouchers and urging phishing caution, Coupang aims to mitigate damage from the incident affecting millions. As investigations continue, enhanced security practices will be essential for sustaining trust in South Korea’s digital marketplace—customers should monitor accounts closely for ongoing protection.