Coupang, South Korea’s largest online retailer, apologized on Sunday for leaking personal information from the accounts of 33.7 million customers through unauthorized data access.
“We deeply apologize once again for causing inconvenience to our customers,” Park Dae-jun, CEO of the South Korean company called Amazon.com, said on his website.
This incident is the latest in a series of data leaks at major South Korean companies, including SK Telecom.
Science Minister Bae Kyung-hun said the government, which held an emergency meeting on Sunday, was investigating whether Coupang had violated security rules on protecting personal information.
Coupang said on Saturday that it learned of the data breach on November 18 and reported it to the authorities. The company said it is working with law enforcement and regulatory authorities.
The company, whose services are ubiquitous to many Koreans who use express delivery services, said it had 24.7 million active business users in the third quarter.
Yonhap News Agency reported on Sunday that a former Chinese employee of Coupang was suspected of being behind the leak. Yonhap said that Coupang sent a complaint to the police this month, and the police are investigating, without indicating the sources of their information.
Coupang could not immediately be reached for comment outside business hours.
The breach exposed customer names, email addresses, phone numbers, shipping addresses and the history of certain orders, but not payment details or login credentials, Coupang said.
The company said unauthorized access to personal information is believed to have begun on June 24 through external servers.
The government-run Korea Internet and Security Agency issued a public alert to people affected by the hack, warning them to beware of phishing scams.