A massive data breach at South Korea’s largest e-retailer Coupang Inc caps what is set to be a record year for online leaks in the country, highlighting weaknesses in Seoul’s cyber defences.

Coupang, known for its popular early morning grocery deliveries, said about 33.7 million customer accounts were affected by the leak, which compromised email and shipping addresses as well as phone numbers.

The figure – representing nearly two-thirds of South Korea’s 51.7 million population – would be a record if confirmed, an official from the Personal Information Protection Commission told Bloomberg News. An investigation is ongoing.

It was not clear who was behind the leak, but local media reported that a former Coupang employee could have exploited a system vulnerability. Officials warned that the compromised information could be used to carry out targeted phishing attacks.

Korean newspapers splashed the story across front pages on Monday as worries mounted over possible disruptions following the breach. With nearly 25 million active users, many Korean families rely on the Amazon-like retailer for the bulk of their shopping, typically handing over sensitive information like apartment door codes to facilitate deliveries.

Shares of Ahnlab Inc rose as much as 8% in Seoul on Monday as the incident sparked fresh interest in online security.

"South Korea has seen a consistent rise in cyber incidents each year, with 2025 projected to record the highest number of attacks to date,” said Vitaly Kamluk, founder of cybersecurity firm TitanHex.

SK Telecom Co, the country’s largest mobile carrier, was fined US$97mil (RM400mil) this year for failing to safeguard customer data and for delayed reporting of breaches. KT Corp and Lotte Card Co also disclosed leaks in recent months.

Last week, the country’s largest crypto exchange Upbit was hacked in a suspected North Korean attack – the same day its parent company announced it had been bought by South Korean Internet giant Naver Corp.

"Looking at hacking incidents and security system failures overall, compared to other countries, especially the US, the average level of investment in security systems in Korea is woefully inadequate,” said Lee Chan-jin, Governor of the Financial Supervisory Service. – Bloomberg