Coupang, the South Korean ecommerce giant listed in the US (NYSE: CPNG), on Monday announced plans to spend 1.685 trillion won (~$1.17 billion) in compensation over a recent data breach.
The incident, the company said in early December, was discovered on November 18, and involved unauthorized access to customers’ personal information via overseas servers.
Coupang told SecurityWeek that the data breach started on June 24, 2025, and that 33.7 million customer accounts in Korea were affected.
On December 15, the company notified the Securities and Exchange Commission that a former employee was responsible for the incident.
The individual, the company said, “obtained the name, phone number, delivery address, and email address associated with up to 33 million customer accounts, and certain order histories for a subset of the impacted accounts.”
Now, Coupang says it is working on a compensation plan for all 33.7 million individuals who have been affected by the data breach.
Starting January 15, 2026, the company will provide each of the impacted customers with one-time purchase vouchers worth 50,000 won (~$34.84). The total exceeds $1.174 billion.
“The target is 33.7 million customers who received a personal information leak notice at the end of November. Both wow members and general members will be paid the same. This includes customers who have withdrawn from Coupang who received a notice of personal information leakage,” an automated translation of the company’s announcement reads.
Coupang hopes that, by implementing this compensation plan, it will restore customer trust in the brand.
“With this incident, Coupang will practice ‘customer-centricity’ deep in its heart, fulfill its responsibilities to the end, and become a company trusted by customers,” Coupang Korea interim CEO Harold Rogers said.
In a separate statement, Coupang founder and chairman Kim Bum-seok revealed that all the stolen data was recovered and that the intruder’s storage devices were seized.
“It was confirmed that the customer information stored on the leaker’s computer was limited to 3,000 cases, which were also not circulated or sold externally. The investigation is ongoing and we will inform you as soon as any further details are confirmed,” Coupang’s founder said.
Related: Nissan Confirms Impact From Red Hat Data Breach
Related: 700Credit Data Breach Impacts 5.8 Million Individuals
