Spurs the dumbest basketball team in history of civilisation - Barkley
Barkley slams Spurs as the dumbest basketball team ever after Knicks' comeback
BBC News1 min read
South Korea fines Coupang $408m over biggest data leak in country’s history
TL;DR
South Korea fined Coupang $408 million for a data leak affecting over 33 million customers. The company failed to report the breach within the legally required 72 hours.
Key points
- Coupang fined $408 million by South Korea
- Data leak affected over 33 million customers
- Company failed to report breach within 72 hours
- Lack of safety measures led to the incident
- Delayed notifications deprived individuals of preventive actions
Mentioned in this story
CoupangPersonal Information Protection Commission
South Korea has hit e-commerce giant Coupang with a record $408m fine over a leak that allegedly exposed the data of more than 30 million customers and provoked the ire of US lawmakers.
The Personal Information Protection Commission said on Thursday that the New York-listed company had leaked personal data of more than 33 million customers and failed to report the breach within the 72 hours required by the law.
“This accident occurred due to Coupang’s lack of safety measures and systems, not sophisticated hacking,” Song Kyung-hee, the chairperson of the privacy regulator, told a briefing on Thursday.
Coupang “delayed breach notifications”, Song said.
“As a result, those individuals were unaware of the breach and deprived of the opportunity to take steps to prevent secondary harm,” she said.
After the fine was announced, Coupang apologised for having caused concern to the public and its customers.
But the company said that “we regret that our proactive measures to prevent secondary harm from last year’s data leak incident, as well as our explanations based on clear facts, were not sufficiently reflected” in the regulator’s decision.
Coupang, which is based in Seattle, the United States, but generates most of its revenue in South Korea, signalled that it would challenge the fine in court.
The fine is by far the largest ever penalty for a data leak in South Korea, far exceeding the previous record of an $88m fine imposed last year on mobile carrier SK Telecom.
The penalty follows a finding by a government-led investigation earlier this year that blamed the breach on management failure.
South Korea’s Ministry of Science and ICT at the time said that a former employee, who was a Chinese national, stole a security key and gained unauthorised access to customer accounts.
The probe into the data breach added to trade friction with Washington amid concerns that South Korean authorities had gone too far in their treatment of the US-listed company.
In April, South Korean lawmakers sent a joint letter, raising concerns over “undue pressure” from US politicians regarding Seoul’s investigation into the e-commerce giant.
The letter, co-signed by nearly 100 politicians, followed accusations by US Republicans that the probe into the US-listed company constituted “discriminatory regulatory actions” against US businesses.
Coupang is estimated to control about 40 percent of South Korea’s logistics services, the largest market share among peers, according to Seoul-based IM Securities.
“Coupang has grown its e-commerce service significantly based on vast customer data,” Song said.
“But the company did not have a system to protect and manage customer information despite its business scale.”
Q&A
What caused the data leak at Coupang?
The data leak at Coupang was attributed to the company's lack of safety measures and systems, rather than sophisticated hacking.
How many customers were affected by the Coupang data breach?
The data breach affected more than 33 million customers.
What are the consequences of Coupang's data leak fine?
Coupang faces a record $408 million fine, which reflects the severity of the breach and the company's failure to notify affected individuals promptly.
