Coupang Data Breach Suspect Apprehended and Confesses
Information from 3,000 Users Stored and Deleted Out of 33 Million Accounts
Coupang Confirms "No External Transmission of Customer Data"
On December 25, Coupang announced that it had apprehended the former employee responsible for leaking information on 33.7 million customers and obtained a full confession regarding the crime.
According to reports, the perpetrator stole a security key acquired during employment, then used a personal desktop PC and a MacBook Air laptop to access 33 million customer accounts and saved information on 3,000 individuals. As the incident escalated, the perpetrator deleted the stored data and disposed of the related devices in a nearby stream. Coupang stated that it searched the stream, recovered all devices used in the data breach, and confirmed that there was no external transmission of the leaked information.
According to Coupang, the perpetrator stole an internal security key obtained during employment and accessed account information (names, emails, addresses, and phone numbers) for 33 million customers. The perpetrator claimed to have obtained order information and shared entrance door codes for 3,000 of these accounts.
Coupang engaged three global cybersecurity firms-Mandiant, Palo Alto Networks, and Ernst & Young-to investigate the incident, confirming that there was no access to payment information, login credentials, or personal customs clearance codes for the affected accounts. It was also determined that 2,609 shared entrance door codes had been leaked.
The perpetrator stored the information on a personal desktop PC and a MacBook Air laptop. After news of the data breach broke, the perpetrator stated, "I physically destroyed the laptop, placed it with bricks in an eco-bag bearing the Coupang logo, and threw it into a nearby stream."
Coupang explained that, based on the map and description provided by the perpetrator, divers located and retrieved the MacBook Air laptop from the stream and confirmed that its serial number exactly matched the serial number registered to the perpetrator's iCloud account.
Additionally, forensic analysis confirmed that the unauthorized access to Coupang's system was carried out using one PC system and one Apple system, as stated by the perpetrator. Coupang reported, "the perpetrator submitted the desktop PC and four hard drives used with the PC, and analysis revealed that attack scripts used in the breach were found on these storage devices."
The perpetrator is said to have claimed sole responsibility for the crime. It was also reported that, following the incident, the perpetrator deleted the customer information of the 3,000 accounts and stated that there was no external transmission of the data. Coupang stated, "So far, the investigation results are consistent with the perpetrator's statements, and no evidence contradicting the perpetrator's account has been found."
Coupang emphasized, "No customer data was transmitted to any third party," and added, "All devices and hard drives used by the perpetrator to access and steal Coupang customer information have been recovered and safely secured through verified procedures."
The company continued, "We take full responsibility for the significant concerns caused to our customers by the recent personal information leak," and added, "We sincerely apologize to the many people who have experienced worry and inconvenience due to the Coupang data breach incident."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
