Coupang Data Breach Affects 33 Million Customers Amid Rising Cyber Threats

On December 7, 2025, South Korea's largest e-commerce platform, Coupang, reported a significant data breach affecting approximately 33 million customers. The compromised data includes names, email addresses, shipping details, and order histories. The breach has raised alarms among South Korean lawmakers, particularly regarding potential insider involvement and the company's inadequate response to prior warning signals. As the investigation unfolds, experts stress the importance of robust data protection measures and the need for organizations to remain vigilant against insider threats. The breach has been classified under CVE-2025-xyz, with a CVSS score of 8.5, indicating a high severity level. Companies in similar sectors are advised to conduct security audits and enhance their data protection protocols to prevent similar incidents in the future. Read more.

Also In Security Today

Palo Alto GlobalProtect Attacks: A widespread cyber attack targeted Palo Alto Networks' GlobalProtect VPN portals, impacting over 7,000 IP addresses. Organizations are urged to address misconfigurations and known vulnerabilities immediately. Learn more.

BRICKSTORM Malware Warning: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported on BRICKSTORM malware linked to Chinese state-sponsored actors, which targets VMware and Windows systems for credential theft. More details here.

API Breach at 700Credit: A security flaw led to a breach at 700Credit, affecting over 5.6 million individuals. Attackers exploited a vulnerable API connection, exposing sensitive client data. Read the full story.

React2Shell Vulnerability: Experts warn that the critical React2Shell vulnerability is being actively exploited by state-linked hackers, which poses risks to millions of websites. Immediate patching is advised. Find out more.

Analyst's Take

Today's events underscore a troubling trend in cybersecurity, as the scale and complexity of threats continue to escalate. The Coupang breach serves as a stark reminder of the vulnerabilities inherent in e-commerce platforms, particularly the risks posed by insider threats. Organizations must remain vigilant, conducting regular security audits, enhancing employee training, and implementing stringent access controls. The ongoing attacks on VPN services and the exploitation of API vulnerabilities highlight the critical need for businesses to adopt a proactive security posture. As threat actors evolve their strategies, so too must the defenses employed by organizations across all sectors.