secwatch / observer
8-K filed December 16, 2025, 6:59 PM ET ticker CPNG CIK 0001834584
cyber confidence high sentiment negative materiality 0.85

Coupang discloses data breach affecting up to 33M customer accounts; former employee accessed personal data

Coupang, Inc.

Key facts

Extracted from this filing and checked against the source text.

Cybersecurity Incidents SEC 8-K Item 1.05 confidence 0.9

Coupang, Inc. disclosed a cybersecurity incident: Unauthorized access to customer accounts by a former employee, potentially exfiltrating name, phone number, delivery address, email address for up to 33 million accounts and certain order histories. Impact: Operations have not been materially disrupted; potential financial penalties from Korean regulators, and potential material financial losses from loss of revenue, remediation, litigation, etc. Materiality is still being assessed. Discovered 2025-11-18.

Nature
Unauthorized access to customer accounts by a former employee, potentially exfiltrating name, phone number, delivery address, email address for up to 33 million accounts and certain order histories.
Impact
Operations have not been materially disrupted; potential financial penalties from Korean regulators, and potential material financial losses from loss of revenue, remediation, litigation, etc.
Materiality
assessing
Discovery
2025-11-18
Exact text from the filing
On November 18, 2025, Coupang Corp. (“Coupang Corp.”), a wholly-owned Korean subsidiary of Coupang, Inc. (Coupang Corp., together with Coupang, Inc. (“Coupang, Inc.,” “our,” or “we”) and its subsidiaries and affiliates, “Coupang,”), became aware of a cybersecurity incident involving unauthorized access to customer accounts (the “Incident”).
View on SEC.gov

1 cybersecurity incidents filed in the last 30 days. Browse all cybersecurity incidents →

Coupang, Inc. filing history →

Source: SEC EDGAR
accession 0001834584-25-000196
Machine-readable: JSON · Markdown · Plain text

This headline and bullets were generated automatically by deepseek-v4-flash:cloud@v2 from the public filing. Read the source on SEC.gov before relying on any specific claim. Not investment advice. See methodology for how this pipeline works.