The South Korean government will fine New York-listed e-commerce giant Coupang 624.7 billion won following a massive leak of personal customer information and the illegal collection of personal data, the country's privacy watchdog announced Thursday.
The fine equates to roughly 1.4% of Coupang's 45 trillion won revenue in 2025, Reuters reported. The company, which is operationally based in Seoul, generates more than 90% of its total revenue from South Korea.
In addition to the primary fine, Coupang faces a 16.8 million won administrative penalty, corrective orders, and a mandate for public disclosure, South Korea's Personal Information Protection Commission (PIPC) said.
The regulatory body also fined Coupang's logistics subsidiary, Coupang Fulfillment Service, 248 million won for violating data collection and sensitive information usage provisions.
According to the commission, Coupang allowed the personal details of 37.6 million customers to leak due to insufficient basic security management systems, as well as negligence in authentication management and access control.
The platform also illegally collected online activity records of about 11.2 million members through third-party websites and stored them in a database, the commission added.
Coupang also failed to supervise its advertising partners displaying fraudulent ads, resulting in the illegal collection of records without user consent, according to the regulator.
The regulatory crackdown follows a prior disclosure by South Korea's science ministry that a former employee had stolen a security key to gain access to customer accounts without authorization, Reuters reported separately.
Coupang also failed to detect an unusual surge in traffic to its customer data until a customer flagged it, the newswire said.
The South Korean government had earlier said its probe on Coupang was not related to trade or security concerns and should be dealt with separately from its ongoing talks with Washington.
