SEOUL, December 25 (AJP) -South Korea has elevated its response to the massive personal data breach at e-commerce giant Coupang, placing the interagency investigation under the leadership of the deputy prime minister for science as concerns grow over accountability, transparency and regulatory oversight.
The Ministry of Science and ICT said Thursday that the government will expand its joint task force probing the breach and have it chaired by Deputy Prime Minister and Science Minister Bae Kyung-hoon. The move follows a high-level meeting attended by senior officials from the presidential office and multiple ministries and watchdog agencies.
Participants included officials from the foreign, industry and trade ministries, as well as the Fair Trade Commission, the Personal Information Protection Commission (PIPC), the Korea Communications Commission and the Financial Services Commission. Authorities said the expanded task force will focus both on identifying the cause of the breach and on preventing secondary harm to consumers, while also preparing broader institutional reforms to prevent similar incidents at major digital platforms.
The ministry criticized Coupang for publicly releasing its own conclusions about the breach before the government investigation was completed.
In a statement, the ministry said it “strongly protested” the company’s unilateral disclosure, noting that key details — including the scale and mechanism of the leak — have not yet been verified by the public-private joint investigation team.
Coupang said earlier Thursday that it had identified a former employee responsible for the leak, recovered all devices used, and confirmed through external forensic analysis that only limited customer data had been accessed. The company said data from about 3,000 accounts had been stored temporarily and later deleted, and that no information had been shared outside the company.
However, authorities stressed that the investigation is still ongoing into how personal information linked to a total of 33.7 million user accounts was exposed, cautioning against drawing conclusions before the probe is completed.
In its statement, Coupang said the former employee used stolen security credentials to access customer information and later confessed. The company said the accessed data included names, email addresses, phone numbers and home addresses, but did not include sensitive information such as payment details, passwords or customs clearance numbers.
Coupang said it has secured all devices involved, including storage hardware, and pledged full cooperation with government investigators.
The issue escalated further after the presidential office convened an emergency meeting of senior officials on Christmas Day, reflecting growing concern over the scale of the incident and its broader implications.
The meeting was chaired by Presidential Policy Chief Kim Yong-beom and attended by Science Minister Bae, PIPC Chair Song Kyung-hee, Korea Communications Commission Chair Kim Jong-cheol, Fair Trade Commission Chair Ju Byung-gi, and officials from the National Police Agency. Foreign Minister Cho Hyun and officials from the Office of National Security also joined, highlighting concerns that the controversy could affect Korea’s external relations.
Officials have expressed unease over Coupang’s extensive lobbying activities in the United States. According to U.S. Senate disclosures, the company has spent at least $10 million on lobbying since August 2021.
President Lee Jae Myung has called for tougher penalties for repeat data breaches, saying companies must face consequences severe enough to deter misconduct. Speaking at a policy briefing earlier this month, Lee said sanctions should be strong enough to make firms “fear going out of business” if they repeatedly fail to protect personal information.
The data breach, first disclosed in November, affected 33.7 million users and has triggered mounting criticism from lawmakers and consumer groups over Coupang’s handling of the case.
Political pressure intensified after Coupang founder and chair Bom Kim failed to appear at a parliamentary hearing convened to address the breach. The National Assembly’s Science, ICT, Broadcasting and Communications Committee has filed a complaint accusing him of violating legal obligations to attend hearings.
The committee is scheduled to hold another two-day hearing starting Dec. 30, warning that additional legal action could follow if Kim again fails to appear.
Copyright ⓒ Aju Press All rights reserved.
