Coupang’s Interim CEO Apologizes, Reviews Compensation, and Faces Ongoing Investigation After Massive Data Breach
Updated (3 articles)
Leadership turnover and parliamentary apology Harold Rogers, appointed interim CEO after Park Dae‑jun resigned, publicly apologized at a National Assembly hearing on Dec. 17, 2025, acknowledging the breach’s impact on Korean consumers; founder Kim Bom‑suk was absent, citing global duties [1][2][3].
Breach magnitude and exposed data Coupang disclosed that personal details of more than 33 million customers were compromised, with later figures reaching 33.7 million accounts; leaked information includes names, phone numbers, emails, and delivery addresses, while payment and login credentials remained secure [1][3].
Compensation plan and regulatory actions Rogers said a compensation package is being drafted pending the investigation’s conclusion; the company filed a notice with the U.S. SEC to reduce information asymmetry, and South Korean authorities have demanded compensation details, conducted police raids, and noted a pending U.S. class‑action lawsuit [1][3].
Future security and trust‑restoration steps Rogers outlined priorities to fully investigate the incident, strengthen information‑security controls, and restore customer trust, while regulators continue probing the breach’s origins and the parliamentary committee examines the company’s response [1][2][3].
Sources (3 articles)
-
[1]
Yonhap: Interim CEO of Coupang apologizes for data breach at parliamentary hearing – details Rogers’ apology, compensation review, SEC filing rationale, and founder’s absence .
-
[2]
Yonhap: Interim CEO of Coupang apologizes for data breach at parliamentary hearing – repeats apology and leadership change, emphasizing breach scale and hearing context .
-
[3]
Yonhap: Coupang CEO resigns; interim chief named – reports Park’s resignation, Rogers’ appointment, updated breach figures, police raids, and U.S. lawsuit .
Timeline
June 24, 2025 – A data breach begins on overseas servers that later expose personal details of Coupang customers, marking the origin of the incident that will later affect tens of millions of users[3].
November 2025 – Coupang discovers the breach after weeks of unauthorized access, prompting internal investigations and the eventual public disclosure of the incident[3].
Late November 2025 – The company initially reports that only about 4,500 user accounts were compromised, a figure that later proves dramatically understated as the investigation expands[3].
Dec 10, 2025 – CEO Park Dae‑jun resigns, taking full responsibility for the leak that now affects 33.7 million accounts; Harold Rogers, chief administrative officer and general counsel, is named interim CEO to steer the response[3].
Rogers says, “Our priorities are to address the incident thoroughly, strengthen information security, and restore trust,” and pledges clear action for customers[3].
The presidential office requests a compensation plan, police raid Coupang’s Seoul headquarters for a second day, and a U.S. class‑action lawsuit is filed against the firm[3].
Dec 16, 2025 – At a National Assembly hearing, interim CEO Harold Rogers apologizes, stating, “I am deeply sorry for the concern created for the Korean people,” and affirms that Coupang “takes this matter seriously and will respond to regulators and customers”[2].
The hearing notes that founder Kim Bom‑suk is absent due to global duties, underscoring leadership turbulence amid the crisis[2].
Dec 17, 2025 – Rogers returns to the parliamentary hearing, reiterating the apology and outlining a compensation package that will be deployed after the investigation concludes[1].
He explains the SEC filing, saying it “reduces information asymmetry with the United States,” and confirms that “no payment‑card data was compromised” and operations remain largely uninterrupted[1].