On Former Employee of Chinese Nationality: "Subject to Investigation"
Three-Month Enhanced Monitoring... Updates to Be Announced
The government has stated that the personal information leak incident at Coupang originated from a vulnerability in Coupang's server authentication. However, officials refrained from commenting on the possibility that a former employee of Chinese nationality who worked at Coupang may have been involved.
On the 30th, an emergency meeting of related ministers regarding the Coupang personal information leak incident was held at the Government Seoul Office, presided over by Deputy Prime Minister and Minister of Science and ICT Baek Jongmin. Photo by Yonhap News
On November 30, the government held an emergency meeting of related ministers at the Government Seoul Office to discuss response measures regarding the Coupang breach and personal information leak. The closed-door meeting was attended by Deputy Prime Minister and Minister of Science and ICT Baek Jonghun, Minister for Government Policy Coordination Yoon Changryeol, Chairperson of the Personal Information Protection Commission Song Kyunghee, Acting Commissioner of the National Police Agency Yoo Jaesung, Third Deputy Director of the National Intelligence Service Kim Changseop, and Director General for Network Policy at the Ministry of Science and ICT Choi Woo-hyuk, among others.
The government reported that after receiving a notification from Coupang on November 19 and 20 and conducting an on-site investigation, it confirmed that information such as customer names, emails, and addresses had been leaked from 33.79 million accounts. When Coupang first reported the incident, it had identified 4,536 affected accounts.
The government stated that it is premature to conclude whether the information was leaked through server hacking. In a Q&A session with reporters after the meeting, Director General Choi said, "In the past, there have been cases where insiders took information out, and there have also been cases involving the use of (authentication) accounts. Since there are various methods of attack, it is difficult to definitively say whether this was a leak or a hacking incident."
Regarding the possibility of insider involvement, the government maintained a cautious stance, stating that all possibilities, including state-sponsored hacking attacks, are being considered. Director General Choi emphasized, "The suspicion of involvement by a former employee of Chinese nationality falls under the scope of investigation, so the government cannot disclose details at this time. No malicious code has been found. If there is progress in the investigation or inquiry, we will disclose it transparently."
Regarding the fact that customer financial information was not leaked, he said, "Coupang has stated that the servers storing personal information and financial information are separate systems. The matter is currently under investigation."
The government promised a thorough investigation. In his opening remarks, Deputy Prime Minister Baek stated, "During the investigation, we confirmed that the attacker exploited a vulnerability in Coupang's server authentication to leak the names, emails, delivery phone numbers, and addresses of over 30 million customer accounts without normal logins. We apologize for the breach and personal information leak at a platform company so widely used by the public."
He added, "To ensure a detailed investigation and prevent further damage, the government has launched a joint public-private task force as of today. We are also investigating whether Coupang violated its obligations to implement safety measures for personal information protection."
In particular, the Personal Information Protection Commission is focusing its investigation on whether Coupang violated its obligations regarding safety measures for personal information protection, such as access control, access rights management, and encryption. To prevent secondary damage such as personal information and monetary theft through phishing and smishing attacks exploiting this incident, a nationwide security advisory was issued the previous day. For the next three months, the government plans to designate this period as a "strengthened monitoring period for personal information exposure and illegal distribution on the Internet, including the dark web."
Meanwhile, on the same day, Coupang CEO Park Daejoon also joined the meeting midway and reported to the government on the company's understanding of the incident and its response status.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
