Massive Data Breach at Coupang Exposes 33.7 Million Customers

On December 26, 2025, Coupang, South Korea's leading e-commerce platform, confirmed a significant data breach affecting approximately 33.7 million customers. The breach exposed sensitive personal details, including names, addresses, and contact information, while payment data remained secure. Preliminary investigations suggest that the breach may have been caused by insider threats from a former employee, emphasizing the need for organizations to bolster their internal security protocols against such risks. This incident not only poses a reputational risk for Coupang but also raises concerns about the effectiveness of their data protection measures in today’s cybersecurity landscape. As organizations continue to face sophisticated threats, the need for comprehensive security frameworks is more critical than ever. source

Additionally, the React2Shell vulnerability (CVE-2025-55182) was disclosed, with a maximum CVSS score of 10, leading to urgent patching efforts across millions of websites. State-sponsored cyber espionage from China and Russia targeting government and critical infrastructure also remains a significant threat. Regulatory bodies are ramping up scrutiny on major incidents, pressing organizations to enhance their cybersecurity frameworks moving into 2026.