In a company statement from Coupang investigators said a hacker threw a MacBook Air into a river in South Korea after a breach that exposed personal data for 33.7 million customers.
KEY FACTS
- Incident a MacBook Air was thrown into a river and later recovered
- Affected 33.7 million customer accounts
- Compensation 1.685 trillion won voucher package
- Oversight government-directed investigation began December 1
From December 1 the company operated under daily government oversight to coordinate a multi-week operation tracking the attacker. On December 9 the company received scripted messages to use when contacting the leaker.
Initial meetings on December 14 yielded a full confession and the surrender of a desktop, hard drives and sworn testimony. Primary devices were secured on December 16 and reached government analysts on December 17.
Forensic teams recovered the submerged MacBook Air on December 18, documented it in a chain-of-custody style and delivered it to analysts. Additional hard drives and three fingerprinted declarations were routed to police on December 21.
The company remained silent under a government mandate while media and lawmakers criticized the response. A December 29 announcement unveiled the 1.685 trillion won compensation package and a coupon plan worth roughly 50,000 won per affected account.
Texts starting January 15 will notify recipients in the app and deliver four single-use coupons: 5,000 won each for core services and Eats, and 20,000 won each for Travel and R.LUX. The statement included an apology and a pledge to cooperate and to pursue a customer-focused shift.
WHY IT MATTERS
The case shows that physical destruction of devices does not prevent recovery of evidence and that government-led oversight can shape incident response. The scale of the payout and the probe underline wider prevention and supply chain challenges for cloud-scale retailers.