bbieron@platformeconomyinsights.com

Coupang Issued Record $410 Million Data Breach Fine in South Korea

Jun 27, 2026

Report from the Wall Street Journal
In Brief – South Korea’s Personal Information Protection Commission (PIPC), the country’s data protection authority, has imposed a record 624.7 billion won ($410 million) fine on ecommerce giant Coupang, often referred to as Korea’s Amazon. The regulator said that 423.5 billion won was for data-protection violations linked to a breach affecting 37.6 million people, more than 70% of South Korea’s population, and 201.1 billion won for other unauthorized data collection practices by the company. The fine is the largest ever levied by the PIPC against a single company in South Korea, surpassing penalties imposed on SK Telecom and KT. The regulator said that the data breach, which came to light last year, stemmed from inadequate data security controls, with a former Chinese software developer retaining an authentication key after leaving the company and using it to gain unauthorized access to user data including names, phone numbers and residential building entry codes used for package deliveries, for about a year. Coupang, who noted that no user financial or government identification data was compromised, said it would strengthen data-protection measures, work to restore customer trust and is planning an appeal, arguing that its response efforts were not adequately reflected in the regulator’s decision.

Context – The second Trump Administration entered office declaring that foreign regulation of US digital companies was “unacceptable” and could be met by retaliatory tariffs. Seoul’s moves to toughen regulation of digital giants including Apple and Google was criticized by the new USTR straight away. In recent months, the bilateral relationship’s most sensitive economic and security issues have been disrupted by the unique positioning of Coupang, which was founded in South Korea, but is now publicly listed on the Nasdaq, headquartered in Seattle, and proudly claims an American mantle. The company has built an aggressive US lobbying presence focused on the Trump Administration and congressional Republicans and injected its data breach regulatory enforcement complaints into the two countries’ top bilateral talks.

View By Monthly
Latest Blog
Yelp Wins Legal Ruling in Antitrust Battle with Google

Report from Courthouse News Service In Brief – Federal Magistrate Judge Susan Van Keulen has ruled that Yelp, a leading internet company critic of Google’s search practices, can rely on District Judge Amit Mehta’s 2024 decision in the Justice Department’s landmark...

Illinois Governor Signs Robust AI “Safety” Law

Report from CBS News In Brief – Illinois Governor JB Pritzker (D) has signed the AI Safety Measures Act into law pushing the state to the forefront of AI regulation. The law imposes “safety” requirements on companies developing so-called frontier AI models, including...

Japan Moving to Regulate Social Media and AI in Election Campaigns

Report from Nippon.com In Brief – Japan's House of Representatives, the lower chamber of the Diet, has approved two bills by a majority vote that are intended to address the misuse of social media during election campaigns. The bills, which must next be considered by...

UK CMA Joins the Apple and Google App Store Global Regulation Parade

Report from Reuters In Brief – Britain’s Competition and Markets Authority (CMA) has announced its proposed new regulations to require Apple’s and Google’s app stores to allow app developers to direct users to third-party payment options to increase competition and...

Platform Economy Insights produces a short email four times a week that reviews two top stories with concise analysis. It is the best way to keep on top of the news you should know. Sign up for this free email here.

* indicates required