THE president ordered swift action to penalise those responsible for a major data leak at e-commerce giant Coupang affecting more than 33 million customers.

It was “astonishing that the company failed to recognise the breach for five months”, President Lee Jae-myung said, adding that the “scale of the damage is ­massive”.

Seoul has said the leak took place through overseas servers from June 24 to Nov 8.

But Coupang only became aware of it last month, according to police and local media, who said the company had issued a complaint in November against the alleged culprit – a former employee.

Lee ordered the government to “strengthen fines and make ­punitive damages a reality”, calling for “substantive and effective countermeasures”.

“The cause of the accident must be quickly identified and (those responsible) must be held strictly accountable,” he said.

Police are tracing computer IP addresses and looking into possible international collaboration as part of their investigation.

They warned the leak could “threaten the daily lives and ­safety of every single citizen”.

Coupang has told customers that their names, email addresses, phone numbers, shipping addresses and some order ­histories had been exposed in the leak.

But the company said their payment details and login credentials had not been affected.

The case follows a major breach at South Korea’s largest mobile carrier SK Telecom, which was fined about 134 billion won (around RM375.6mil) in August after a cyberattack exposed data on nearly 27 million users.

South Korea is among the world’s most wired countries, but has also been a target of ­numerous hacking attacks by arch-rival North Korea. — AFP