South Korean Police Conduct Multi‑Day Raid on Coupang Over 34 Million Data Breach
Updated (4 articles)
Police Cyber Unit Executes Raid on Coupang Headquarters On December 9, 2025, the Seoul Metropolitan Police Agency’s cyber investigation team entered Coupang’s Songpa headquarters in southern Seoul with a search warrant to seize internal documents and records tied to the breach [2][3][4]. The operation targeted systems and logs that could reveal how the data was accessed and whether security lapses occurred. Police returned the next day, extending the raid to gather additional evidence [1].
Breach Exposes Personal Data of Over Half South Korea Coupang disclosed that personal information of approximately 33.7 million customers—names, phone numbers, email addresses and delivery details—had been compromised, representing more than half the nation’s 52 million residents [2][3][4]. The company initially reported a much smaller breach affecting about 4,500 users on November 18, 2025, before the full scope emerged [2][3]. Authorities are focusing on the massive scale to assess potential misuse, though no criminal activity linked to the leaked data has been identified yet [3].
Investigators Secure IP Address and Identify Suspect Police have isolated the Internet Protocol address used in the intrusion and are using it to trace the source of the leak [1][2][4]. The search warrant specifically names a Chinese national who previously worked for Coupang as a suspect accused of breaching the information and communications network and leaking confidential data [1][2]. Investigators aim to confirm the individual’s involvement and map the route of the data exfiltration.
Second‑Day Search Expands Evidence Collection The follow‑up raid on December 10 extended the seizure of digital evidence, with officers continuing to examine potential vulnerabilities in Coupang’s customer‑information management system [1][3]. No arrests have been made, and the police remain focused on identifying the leaker and the precise cause of the breach [3]. The investigation proceeds with the goal of holding responsible parties accountable and preventing future incidents.
Sources (4 articles)
-
[1]
Yonhap: Police raid Coupang headquarters for 2nd day over massive data breach: Highlights the continuation of the raid on December 10, the secured IP address, and the Chinese‑national suspect named in the warrant .
-
[2]
Yonhap: Police raid Coupang HQ in Seoul over data breach affecting 34 million: Details the initial December 9 raid, the breach’s impact on 34 million people, the investigative timeline starting with a 4,500‑customer breach, and police plans to map the leak route .
-
[3]
Yonhap: Police raid Coupang over massive data breach: Emphasizes the December 9 search, the 33.7 million records exposed, the IP address lead, and notes that no criminal use of the data has been detected .
-
[4]
Yonhap: Police raid Coupang HQ to seize evidence in data breach investigation: Focuses on the raid’s purpose to gather evidence, the prior voluntary data submission by Coupang, and the role of the secured IP address in tracking the suspect .