Coupang (Coupang Corp.), a South Korean e-commerce platform, suffered a personal data breach last year. A recent investigation confirmed the incident affected users in Taiwan. The Administration for Digital Industries under the Ministry of Digital Affairs stated that on February 23, Coupang Taiwan reported forensic findings from cybersecurity firm Mandiant showing that 204,552 Taiwan users were subject to unauthorized data access. Exposed information included names, email addresses, phone numbers, delivery addresses, and five recent order records.

After reports surfaced last November, authorities requested clarification on whether Taiwan users were involved. The company initially stated Taiwan data were not affected and that investigations were ongoing. Following the confirmed findings, officials required in-person explanations and conducted an administrative inspection on February 25 to review responsibility and security management practices.

Authorities emphasized the company must notify affected users, establish a dedicated service channel, and propose compensation and corrective measures under the Personal Data Protection Act. Violations, if found, will be penalized.

Officials warned that leaked data may be exploited through scams such as “canceling installment payments” or “delivery issues.” Users should avoid unknown links and not share passwords or verification codes. Suspected fraud can be reported to the 165 hotline.