South Korea Fines Coupang $409 Million for Data Breach, Setting Record 624.7 Billion Won Penalty
Updated
Updated · Bloomberg · Jun 11
South Korea Fines Coupang $409 Million for Data Breach, Setting Record 624.7 Billion Won Penalty
3 articles · Updated · Bloomberg · Jun 11
Summary
624.7 billion won ($409 million) — South Korea’s privacy regulator hit Coupang with the country’s largest-ever fine for a personal data breach tied to a wide-ranging cyber-intrusion.
The Personal Information Protection Commission said the case was severe enough to eclipse last year’s previous record penalty, reflecting the scale of the breach and intrusion.
134.8 billion won was the prior high, imposed on SK Telecom last year, underscoring how sharply the Coupang sanction raises the bar for privacy enforcement.
The breach also spilled beyond regulation into diplomacy, with the cyber incident escalating into a tiff with the United States.
Korean rules allow fines of up to 3% of annual sales, highlighting the broad enforcement powers behind the record sanction.
After a $409M fine, is South Korea now the world's riskiest market for global tech?
Will South Korea's record fine on a US firm withstand Washington's diplomatic pressure?
South Korea Hits Coupang with Record $409 Million Fine: Data Breach Fallout, Regulatory Reform, and U.S. Tensions
Overview
Coupang Inc., a major e-commerce company, suffered a significant data breach that exposed sensitive customer information such as names, email addresses, phone numbers, shipping addresses, and order histories. In response, South Korea's Personal Information Protection Commission (PIPC) imposed a record-breaking fine of 624.7 billion won ($409 million), the largest ever for a personal data breach in the country. This penalty was issued under regulations allowing fines up to 3% of a company’s annual sales. The incident highlights the growing regulatory focus on data protection and the serious consequences of cybersecurity failures for large companies.