"Coupang Orders Should Be Curtailed... Damages Will Worsen," Says Security Expert Professor Seungjoo Kim

[Financial News] "If possible, reduce orders through Coupang, and if you must use it, limit yourself to just one or two transactions." Information security expert Professor Seungjoo Kim of the Graduate School of Information Security at Korea University proposed personal guidelines to minimize the impact of the Coupang personal data breach.
At a hearing on the Coupang breach held by the Science, ICT, Broadcasting, and Communications Committee of the National Assembly on the 17th, Professor Kim emphasized, "The situation with Coupang has not yet reached a clear conclusion. Although it may be inconvenient, it is safer to act in a way that minimizes personal data exposure."

Appearing as a witness at the hearing, Professor Kim stated, "In all personal data breach incidents since May, the scale of damage has increased after the Public-Private Joint Investigation Team completed its review. It is likely that Coupang will also see additional data leaks." He added, "Because it is not known whether other developers accessed users’ personal information, the damage could become even more severe. We should not definitively say there have been no other hacking incidents."
Currently, Coupang has acknowledged the leak of personal information, including the phone numbers and email addresses of over 33.7 million users, as well as some shared entrance passwords. However, the company claims that no financial information, such as credit card numbers, was compromised.
However, Professor Kim explained that the government’s official investigation results have not yet been released, and the actual damage could be greater than currently known.
For this reason, Professor Kim advised refraining from using Coupang for the time being. He warned that continuing to make credit card payments without knowing exactly what information has been leaked could lead to secondary damages. Coupang reported the breach of personal information affecting over 33.7 million users to the authorities on November 19.
Members of the Committee criticized the absence of key witnesses, including Bom Kim, Chairman of the Board at Coupang, Inc., and former Coupang CEOs Park Dae-jun and Hansung Kang, in the wake of this massive personal data breach affecting two-thirds of the nation. They denounced what appeared to be an evasion of responsibility.
In response, the government announced that it considers the Coupang personal data breach a serious issue that fundamentally threatens the daily lives of citizens. As a top priority, it will form a task force (TF) to coordinate a comprehensive response among relevant ministries. The TF will be led by Ryu Jemyoung, Second Vice Minister of the Ministry of Science and ICT (MSIT), and will include senior officials from MSIT, the Personal Information Protection Commission (PIPC), the Korea Media and Communications Commission (KMCC), the Financial Services Commission (FSC), the Korea Fair Trade Commission (KFTC), the National Intelligence Service (NIS), and the Korean National Police Agency (KNPA). The task force will focus on investigating and prosecuting the breach, protecting users, reforming information protection certification systems, and strengthening corporate accountability. The TF leader will regularly convene meetings with relevant ministries to monitor progress.
The government stated, "With the recent Coupang customer information leak, public anxiety is growing." It added, "At the National Assembly hearing on the 17th, concerns were raised about Coupang’s lukewarm response, potential user harm, and the need to improve information protection systems."
cafe9@fnnews.com Lee Gu-sun Reporter