{"schema_version":"secwatch.filing_event.v1","accession":"0001834584-25-000202","form_type":"8-K/A","ticker":"CPNG","cik":"0001834584","company_name":"Coupang, Inc.","filed_at":"2025-12-29T23:59:59+00:00","discovered_at":"2026-05-14T18:02:40.705257+00:00","generated_at":"2026-05-16T12:08:06.439082+00:00","sec_items":["1.05","7.01","9.01"],"event_type":"cyber","sentiment":"negative","materiality_score":0.9,"calibrated_materiality_score":0.9,"confidence":"high","headline":"Coupang confirms 33M accounts accessed in cyber breach; to issue $1.2B in customer vouchers","bullets":["Perpetrator accessed 33M accounts using stolen security key; only retained data from ~3,000 accounts (name, email, address, phone, 2,609 building codes). No payment or login data.","All user data deleted and never shared with third parties; perpetrator identified, cooperating, devices recovered from river.","Coupang to issue ~1.685 trillion won ($1.2B) in purchase vouchers starting Jan 15, 2026, to all 33.7M notified customers.","Vouchers total 50,000 won per customer; reduce revenue recognized per transaction; forensic firms Mandiant, Palo Alto Networks, EY involved.","Government coordinated investigation; Coupang cooperated fully and submitted all devices to authorities."],"urls":{"canonical":"https://secwatch.observer/filing/0001834584-25-000202","json":"https://secwatch.observer/filing/0001834584-25-000202.json","markdown":"https://secwatch.observer/filing/0001834584-25-000202.md","text":"https://secwatch.observer/filing/0001834584-25-000202.txt","edgar_index":"https://www.sec.gov/Archives/edgar/data/1834584/000183458425000202/0001834584-25-000202-index.htm","edgar_primary_document":"https://www.sec.gov/Archives/edgar/data/1834584/000183458425000202/cpng-20251215.htm"},"model":{"generated_by":"deepseek-v4-flash:cloud@v2","generated_at":"2026-05-16T12:08:06.439082+00:00"},"review":{"review_status":"machine_generated","human_reviewed":false,"corrected":false,"correction_note":null,"correction_timestamp":null,"superseded_by":null,"related_filings":[]},"source_grounded_claims":[{"claim_id":"34bd16abb936879e616a47b7ceb1db6f85a354a0","claim":"Coupang, Inc. disclosed a cybersecurity incident: Cybersecurity incident involving unauthorized access to approximately 33 million accounts, with limited data saved from approximately 3,000 customer accounts; perpetrator identified, cooperating, and data deleted without third-party sharing. Impact: Coupang Corp. announced a customer compensation program of approximately 1.685 trillion won ($1.2 billion) in vouchers, to be reflected as reductions to selling price and revenue. Materiality is still being assessed. Discovered 2025-12-24.","evidence_excerpt":"On December 24, 2025 (PST) and December 28, 2025 (PST), Coupang Corp., a wholly-owned Korean subsidiary (“Coupang Corp.”) of Coupang, Inc. (“Coupang, Inc.,” “our,” or “we”) (Coupang Corp., together with Coupang, Inc. and its subsidiaries and affiliates, “Coupang,”), issued updates (collectively, the “Updates”) on the cybersecurity incident (the “Incident”) disclosed in the Current Report on Form 8-K filed by Coupang, Inc. with the U.S. Securities and Exchange Commission (the “SEC”) on December 16, 2025.","evidence_source":"SEC 8-K Item 1.05","evidence_url":"https://www.sec.gov/Archives/edgar/data/1834584/000183458425000202/0001834584-25-000202-index.htm","confidence":0.9,"family_label":"Cybersecurity Incidents","details":[{"label":"Nature","value":"Cybersecurity incident involving unauthorized access to approximately 33 million accounts, with limited data saved from approximately 3,000 customer accounts; perpetrator identified, cooperating, and data deleted without third-party sharing."},{"label":"Impact","value":"Coupang Corp. announced a customer compensation program of approximately 1.685 trillion won ($1.2 billion) in vouchers, to be reflected as reductions to selling price and revenue."},{"label":"Materiality","value":"assessing"},{"label":"Discovery","value":"2025-12-24"}],"fact_type":"cyber_incident"}],"license":"Source filings: public domain (SEC EDGAR). Summaries (headline + bullets): CC-BY-4.0; attribute https://secwatch.observer"}