Coupang Data Breach Balloons to 33.7 Million Accounts, Triggers State Emergency Probe

Korea has seen mega-leaks before—Cyworld’s 35 million-user breach in 2011 and SK Telecom’s 23 million in 2024—but this incident revives the insider-threat pattern reminiscent of Edward Snowden’s 2013 NSA disclosures and the 2007 TJX insider theft rather than pure external hacking. Structurally, it spotlights two long-running trends: (1) hyperscale platforms concentrate granular personal data, making single authentication flaws catastrophic; (2) cross-border labor and cloud operations blur jurisdictional lines, testing the 2011 PIPA framework and the notion of “digital borders” the way 19th-century telegraph cables challenged territorial sovereignty. If Seoul fails to enforce meaningful consequences, companies worldwide may persist in treating data protection as a cost center; if penalties surpass SKT’s record fine, it could mark a pivot toward European-style deterrence. Over a 100-year horizon the episode fits the march from industrial espionage to information-age power struggles, where safeguarding citizen data becomes as central to national resilience as controlling steel or oil once was.