Page last updated on December 16, 2025
Coupang, Inc. initially disclosed a cybersecurity incident in an SEC 8-K filing on 2025-12-16 16:13:34 EST.
Company Summary
Coupang, Inc. is a technology and commerce company operating retail e-commerce, restaurant delivery, video streaming, and fintech services (brands include Coupang, Coupang Eats, Coupang Play) and, following its acquisition, the Farfetch luxury marketplace.
Incident Details
Material: No
Is Breach: Yes
Records Compromised: 33,000,000
Data Types Impacted: Other, Email, Home address, Phone Number, Name
Compromised Date: Unknown
Detected Date: Unknown
Disclosure Date: 2025-12-16
Contained Date: Unknown
Recovered Date: Unknown
Attack Goal: Unknown
Attack Tactics1: TA0009, TA0010
Attack Techniques1: OTHER
Costs: No Costs Tracked (yet)
Filings
8-K filed on 2025-12-16
Coupang, Inc. filed an 8-K at 2025-12-16 16:13:34 EST
Accession Number: 0001834584-25-000196
Item 1.05 Material Cybersecurity Incidents.
On November 18, 2025, Coupang Corp. ("Coupang Corp."), a wholly-owned Korean subsidiary of Coupang, Inc. (Coupang Corp., together with Coupang, Inc. ("Coupang, Inc.," "our," or "we") and its subsidiaries and affiliates, "Coupang,"), became aware of a cybersecurity incident involving unauthorized access to customer accounts (the "Incident"). Upon discovery, Coupang activated its incident response processes, disabled the threat actor's unauthorized access, reported the Incident to the relevant Korean regulatory and law enforcement authorities, and warned customers whose data was potentially accessed.
Based on investigative findings, Coupang has determined that a former employee may have obtained the name, phone number, delivery address, and email address associated with up to 33 million customer accounts, and certain order histories for a subset of the impacted accounts. To Coupang's knowledge, the former employee has not publicly disclosed the obtained data. No Coupang customers' banking information, payment card information, or login credentials were obtained or otherwise compromised in the Incident. Coupang is continuing its investigation and has engaged external forensic experts to assist with the investigation. Korean regulators have initiated investigations with which Coupang is fully cooperating. While one or more Korean regulators will potentially impose financial penalties, at this time we cannot reasonably estimate any amount of losses or range of losses that may result from such penalties.
Coupang's operations have not been materially disrupted. Coupang remains subject to various risks due to the Incident, including diversion of management's attention and potentially material financial losses resulting from the potential loss of revenue and potential higher expenses, including from remediation, regulatory penalties, and litigation.
The former chief executive officer of Coupang Corp., our Korean subsidiary, resigned on December 10, 2025, and Harold L. Rogers, General Counsel and Chief Administrative Officer of Coupang, Inc., is serving as interim chief executive officer of the Korean subsidiary.
Company Information
| Name | Coupang, Inc. |
| CIK | 0001834584 |
| SIC Description | Retail-Catalog & Mail-Order Houses |
| Ticker | CPNG - NYSE |
| Website | |
| Category | Large accelerated filer |
| Fiscal Year End | December 30 |