Coupang, a major e-commerce company in South Korea, has been fined a record $409 million by the Personal Information Protection Commission for a significant data breach that exposed the personal information of over 37 million customers due to inadequate security measures. The breach, linked to a former employee, prompted additional fines and corrective actions for violations of data protection regulations.
The Coupang data breach highlights critical failures in authentication key management and access controls, leading to the exposure of over 37 million customer records. For cybersecurity professionals, this incident underscores the importance of robust identity management and enforcing strict access controls as part of a zero trust strategy to prevent unauthorized access and protect sensitive data.