South Korean e‑commerce giant Coupang has announced a large‑scale compensation plan following the Coupang data breach that affected tens of millions of users. The company said it will provide vouchers worth about 1.69 trillion won, or roughly $1.17 billion, to those whose information was impacted. The move comes amid growing public scrutiny after the breach was disclosed last month.
Coupang said around 34 million current and former users are eligible for compensation. Each eligible user will receive purchase vouchers worth 50,000 won that can be used across various Coupang services. The company confirmed that former customers who closed their accounts after the incident are also included, expanding the reach of the compensation effort.
Users will be able to check their eligibility starting January 15 through Coupang’s official channels. The company described the voucher program as part of its responsibility to customers whose trust was affected by the breach.
Scope of the Breach and Company Response
The Coupang data breach came to light in mid‑November and quickly became one of the largest cyber incidents involving a consumer platform in South Korea. While Coupang did not disclose full technical details of how the breach occurred, the company confirmed that customer information was accessed without authorization.
Following the disclosure, Coupang began internal reviews and worked with external experts to understand the extent of the exposure. The incident led to leadership changes, including the resignation of then CEO Park Dae jun earlier this month. Interim CEO Harold Rogers addressed customers directly, calling the compensation plan a responsible step and reiterating the company’s apology.
Rogers said the company intends to follow through fully on its commitments. He emphasized that Coupang is focused on restoring confidence by addressing user concerns and strengthening internal safeguards.
Founder Kim Bom also issued a public apology, acknowledging that communication with customers had fallen short in the early stages of the incident. He said he initially delayed speaking publicly until more facts were confirmed, but later recognized that the lack of immediate communication added to customer frustration.
Kim said the breach weighed heavily on him from the moment he learned about it and described the response as a learning moment for the company.
Data Recovery and Security Measures
Coupang stated that it has recovered the leaked customer information with support from authorities and through cooperation during the investigation. According to the company, storage devices belonging to a suspect linked to the breach were secured, and the customer data found on those devices was limited to about 3,000 records.
The company said there is no evidence that the information was distributed or sold externally. It added that the data involved has since been contained, and no further exposure has been identified.
While Coupang has not detailed the exact types of data involved, the company stressed that it is reviewing its internal systems and processes to reduce the risk of similar incidents in the future. Cybersecurity specialists have been engaged to assess weaknesses and recommend improvements.
The Coupang data breach has underscored the scale of responsibility faced by major digital platforms that manage personal data for millions of users. For Coupang, the compensation plan marks one of the largest customer remediation efforts linked to a data breach in the region.
Restoring Trust After a Large Scale Incident
Coupang’s decision to compensate affected users with vouchers reflects a broader effort to rebuild trust after a disruptive cyber event. Including former customers signals recognition that the impact extended beyond active users.
The company said it remains focused on customer protection and system resilience as it moves forward. While the Coupang data breach has drawn attention to cybersecurity risks in large online platforms, the company’s response illustrates how businesses may combine financial compensation with public accountability after such incidents.
As eligibility checks begin in January, affected users will be watching closely to see how smoothly the compensation process is handled and how effectively the company strengthens its defenses in the months ahead.
