President Lee Jae Myung calls for penalties and punitive damages after a major e-commerce data breach went undetected for five months.
SEOUL: South Korea’s president has ordered swift action to penalise those responsible for a major data leak at e-commerce giant Coupang.
The breach affected more than 33 million customers and went undetected for five months.
President Lee Jae Myung said it was “astonishing that the company failed to recognise the breach for five months”.
He added that the “scale of the damage is massive”.
On Tuesday, Lee ordered the government to “strengthen fines and make punitive damages a reality”.
He called for “substantive and effective countermeasures” against those responsible.
“The cause of the accident must be quickly identified and (those responsible) must be held strictly accountable,” he said.
The leak took place through overseas servers from June 24 to November 8.
Coupang only became aware of it last month, according to police and local media.
The company has filed a complaint against a former employee, a Chinese national, who is the alleged culprit.
Police said they were tracing computer IP addresses and looking into possible international collaboration.
They warned the leak could “threaten the daily lives and safety of every single citizen”.
Coupang has informed customers that their names, email addresses, phone numbers, shipping addresses and some order histories were exposed.
The company said payment details and login credentials were not affected.
The case follows a major breach at South Korea’s largest mobile carrier, SK Telecom.
It was fined about 134 billion won (USD 91 million) in August after a cyberattack exposed data on nearly 27 million users.
South Korea is among the world’s most wired countries but has been a frequent target of hacking.
Police last year said North Korean hackers stole sensitive data from a South Korean court computer network over two years.
Last month, Yonhap News Agency reported that authorities suspected a North Korean hacking group may be behind a recent cyberattack on cryptocurrency exchange Upbit.
