Coupang Data Breach triggered a high-profile parliamentary hearing on Wednesday, highlighting concerns over customer data security. Lawmakers criticized founder Bom Kim for skipping the session and failing to issue an apology. They argued his absence showed disregard for South Korea’s market.
The hearing took place at the National Assembly’s Science, ICT, Broadcasting and Communications Committee. Rep. Lee Hoon-gi stressed that while Kim oversees operations in 170 countries, over 90 percent of revenue comes from Korea. Consequently, lawmakers called the hearing incomplete without his presence.
Coupang CEO Harold Rogers attended and took responsibility for South Korean operations. He assured regulators the company responded seriously and implemented corrective measures. However, he stated that he had not discussed an apology with Kim and could not clarify the founder’s position.
Rogers confirmed former CEO Park Dae-jun resigned over the breach, accepting accountability. Meanwhile, Coupang filed a disclosure with the US Securities and Exchange Commission, stating operations were not materially disrupted. Rogers explained that US privacy law did not require reporting this type of incident.
Chief Information Security Officer Brett Matthes said passkey-based authentication, already used in Taiwan, would arrive in Korea in early 2026. He denied claims that the company intentionally delayed security upgrades. Matthes emphasized that user credentials and payment information remained largely unaffected.
Coupang announced plans to compensate affected customers. Rogers said the company would finalize compensation once investigations confirmed all details. Meanwhile, the National Policy Committee approved a bill allowing fines up to 10 percent of revenue for major data breaches.
Coupang reported $30.3 billion in 2024 sales, with more than 90 percent generated from Korea. Therefore, the company could face substantial penalties under the new law.
The Coupang Data Breach underscores rising legislative pressure on tech companies. Analysts warn it may influence regulatory approaches and reshape corporate governance in South Korea’s e-commerce industry.
