Coupang: "No External Transmission Found"
The police announced that they are investigating the "Coupang personal information leak incident" and verifying whether Coupang's claims regarding the case are true.
The Cyber Investigation Division of the Seoul Metropolitan Police Agency stated in a press release on the 25th, "On the 21st, we received a written statement allegedly authored by the suspect, as well as evidence such as the laptop reportedly used in the crime, submitted voluntarily by Coupang. We are closely analyzing whether the suspect actually wrote the statement and whether the submitted items were indeed used in the crime."
Coupang announced in a press release that it had identified the former employee responsible for leaking customer information and had retrieved and secured all devices and hard disk drives, confirming through its investigation that there was no external transmission of data.
Based on the suspect's statement and the investigation by a cybersecurity firm, the suspect accessed basic customer information from 33 million customer accounts using a stolen security key, but only stored information from approximately 3,000 of those accounts. The stored data included names, emails, phone numbers, addresses, some order details, and 2,609 shared entrance access codes.
The suspect testified that they stole an internal security key obtained during their employment and attempted the attack using a personal desktop PC and a MacBook Air laptop, saving some of the information on these devices.
Coupang stated that after media reports about the personal information leak surfaced, the suspect became extremely anxious and subsequently deleted all customer information.
From the early stages of the incident, Coupang commissioned top global cybersecurity firms-Mandiant, Palo Alto Networks, and Ernst & Young-to conduct a rigorous forensic investigation and also verified the suspect's statements.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
