"Require notification on the website for a certain period"
"Submit results within seven days... Strict sanctions for violations"
The Personal Information Protection Commission has ordered Coupang to revise its notification from "exposure" to "leak" regarding personal information, and to resend the notification reflecting all leaked items without omission.
An apology text from Coupang regarding the personal information leak incident is seen with a standee installed at Coupang headquarters in the background. 2025.12.01 Photo by Dongju Yoon
On December 3, the Commission announced that it had urgently convened a plenary meeting at the Government Complex Seoul and resolved to require Coupang to immediately implement these measures.
The Commission explained that, upon reviewing Coupang's response thus far, it found that the company described the incident as an "exposure" rather than a "leak" of personal information, posted a notice on its website for only a short period (one to two days), and omitted certain leaked items (such as shared entrance passwords). Previously, Coupang had sent users a text message stating, "An incident occurred in which some of your valuable information was exposed."
In response, the Commission ordered Coupang to revise the notification from "exposure" to "leak" to prevent public confusion, and to resend the notification including all leaked items. Coupang was also instructed to notify individuals whose information was leaked, as identified in the delivery list, within the scope of what can be identified, and to immediately report and notify in the event of any additional leaks.
Furthermore, the Commission required Coupang to announce the details of the leak on the main page or via a popup window on its website for a certain period, and to actively provide guidance on additional preventive measures, such as recommending changes to shared entrance passwords and Coupang account passwords. The Commission also called for a reassessment of the effectiveness of damage prevention measures, strengthened internal monitoring, expansion of the dedicated response team, and immediate response to complaints and media reports.
The Commission has instructed Coupang to submit the results of these measures within seven days and will continue to monitor the implementation status. Since November 30, the Commission has also been operating a "period of strengthened monitoring for personal information leaks and exposures, including illegal distribution, on the internet (including the dark web)."
The Commission stated, "We recognize the seriousness of this incident, in which the contact information and addresses of a large number of citizens have been leaked," adding, "We will promptly and thoroughly investigate the circumstances, scale, and items of Coupang's personal information leak, as well as any violations of safety obligations, and will impose strict sanctions if violations are confirmed."
Meanwhile, the National Assembly's Political Affairs Committee will hold a session this afternoon to address questions regarding the Coupang personal information leak. Senior officials from the Office for Government Policy Coordination, the Fair Trade Commission, the Financial Services Commission, the Personal Information Protection Commission, as well as Coupang's management, are expected to attend.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![Gold and Silver Prices Soar, but Why Is Bitcoin Falling? [Why&Next]](https://cwcontent.asiae.co.kr/asiaresize/183/2026012114175499981_1768972675.png)
![The Special Connection Between the Statue of Martyr Lee Jun in Jangchungdan Park and Mayor Oh Sehoon ③ [Current Affairs Show]](https://cwcontent.asiae.co.kr/asiaresize/319/2026012110001599450_1768957215.jpg)
