Coupang issued a revised notice at the government's request regarding a large-scale personal information leak incident. In the notice delivered to customers on the 7th, Coupang stated, "There has been an incident where customers' personal information was leaked," and added, "There has been no new leak incident, and this is to provide precautions to prevent additional damage such as impersonation and phishing related to the personal information leak incident previously notified from November 29."

Coupang explained that the leaked information consists of customer names, email addresses, delivery address books, and some order information. However, they emphasized multiple times that customers' card or account numbers, passwords, and personal customs clearance codes were not leaked. The National Police Agency announced that no secondary damage cases suspected to have used the leaked information from Coupang have been found so far.

Following the directive of the Personal Information Protection Commission, Coupang accepted the request to revise the previous "exposure" notification to an "information leak" notification and to re-notify customers reflecting all leaked items without omission. The Personal Information Protection Commission stated that Coupang was criticized for notifying data subjects under the title "exposure" despite identifying that customer personal information was leaked due to abnormal access by an unidentified person.

Coupang provided customers with precautions to prevent phishing and impersonation damage. Coupang said, "We do not request app installation via phone calls or text messages," and urged, "Scammers may impersonate 'Coupang' through smishing and phishing texts, so never click on links from unknown sources and delete such messages." They also recommended reporting suspicious calls or text messages to 112 or the Financial Supervisory Service.

Coupang explained that the "delivery completed" text messages customers receive after placing an order are sent only from the Coupang customer center phone number. For Android users, authentication text messages sent under the name of the Coupang customer center display the 'Coupang' logo image, the phrase "verified sender number," and a shield-shaped "security mark."

Coupang emphasized that delivery drivers do not directly call or send text messages except in exceptional cases such as difficulty entering the delivery address or no items to be collected. Customers were advised to update the access codes for apartment buildings or shared entrances if entered in the delivery address book.

Coupang stated that it is cooperating with relevant authorities including the Ministry of Science and ICT, the National Police Agency, the Personal Information Protection Commission, the Korea Internet & Security Agency, and the Financial Supervisory Service to conduct an investigation into this incident. Coupang added that it prioritizes the protection of customers' personal information and will do its best to prevent similar incidents in the future.

It was confirmed that the personal information leak incident involved the information of 33.7 million customers, and Coupang faced criticism for its initial response to the situation. Coupang plans to continuously provide information to customers and strengthen measures to prevent damage in order to regain their trust.