South Korea’s leading e-commerce platform, Coupang, has been hit with a substantial combined penalty of 624.7 billion won ($410 million) by the nation’s data protection regulator. The hefty fine, announced on Thursday, addresses a significant data breach affecting millions of users and the unauthorized collection of online user activity data.
The Personal Information Protection Commission specifically levied a record-breaking 423.58 billion won fine for the **Coupang data breach** incident. This breach compromised the personal information of over 37 million users, making it the largest penalty ever imposed for a single data leak in South Korea.
In addition to the data breach fine, Coupang also faced a 201.16 billion won penalty for unlawfully gathering online user activity information without explicit permission.
These stringent regulatory actions follow Coupang’s self-reported **large-scale data breach** last November. The incident involved the exposure of sensitive personal details of South Korean users, including their full names, phone numbers, and delivery addresses.
The penalty for Coupang’s data breach far exceeds previous records set by the regulator, notably surpassing the 134.8 billion won fine issued to wireless carrier SK Telecom Co. last August for a major data leak, underscoring the severity of the **Coupang data privacy** violation.
Investigations further revealed that Coupang engaged in the unauthorized collection of online activity records from 11.17 million users. These records, which included details of websites and applications visited, were collected even when users accessed services external to Coupang’s platform, highlighting concerns over **user data collection** practices and **online privacy**.
