We are racing to shape our AI future through a new Office of AI and national standards. Yet billions flow into foreign-led data centres while we offer little support for local models or sovereign compute. Without stronger action we risk becoming high-quality hosts rather than true leaders.
Meta's 'Iris' chip enters production in September and OpenAI's 'Jalapeño' targets 50% lower inference costs. The great AI chip rush is reshaping the global supply chain and redefining what AI products are viable to build.
Progress Software disabled access to ShareFile accounts using on-premises Storage Zone Controllers due to a credible security threat, while a massive campaign dubbed FortiBleed has compromised roughly half of all internet-facing Fortinet firewalls globally.
2nd December 2025 Cyber Update: Coupang Data Breach Exposes 33.7 Million Customers
South Korean e-commerce giant Coupang has confirmed a massive data breach exposing the personal information of 33.7 million customers. The incident, which began in June 2025, is one of the largest in the nation's history and is linked to a former employee's active credentials.
Cyber News Centre's cyber update for 2nd December 2025: Coupang has confirmed a significant data breach affecting over 33 million of its customers.
Coupang is South Korea's largest online retailer, often described as the nation's equivalent of Amazon.com. The company, founded in 2010 and backed by SoftBank Group, offers a wide range of services including its popular "Rocket Delivery" and is expanding into food delivery, streaming, and fintech.
The Update and Why It Matters
Update: South Korean e-commerce giant Coupang has confirmed a data breach that exposed the personal information of 33.7 million customers, making it one of the largest in the country's history. The breach, which began on June 24, 2025, was not detected until November 18. Exposed data includes customer names, email addresses, phone numbers, and shipping addresses, though the company states that financial details and login credentials were not compromised. An investigation by South Korean police points to a former employee, a Chinese national who has since left the country, as a key suspect. It is believed the individual used an authentication key that remained active after their employment was terminated, allowing prolonged access to the company's servers. Coupang CEO Park Dae-jun issued a public apology, stating,
"We sincerely apologise once again for causing our customers inconvenience."
The company is cooperating with authorities and has retained an independent security firm.
U.S. national Kim Beom-su, founder and chairman of Coupang, maintains effective control over Coupang—the leading e-commerce platform in South Korea—through his ownership of 74.3% of the voting rights in Coupang Inc., a U.S.-listed entity that wholly owns (100%) the Korean operating subsidiary. His continued behind-the-scenes influence has drawn increasing criticism, particularly in the wake of Korea’s largest-ever data breach involving Coupang. The accompanying photo shows Kim at the New York Stock Exchange on March 11, 2021 (local time), commemorating Coupang Inc.’s IPO. (Source: Coupang)
Why it Matters: This incident highlights a critical failure in internal security controls, specifically the lack of a robust offboarding process for employees with privileged access. The fact that a former employee's credentials remained active for months demonstrates a significant gap in identity and access management. For a company of Coupang's scale, which handles the data of over half of South Korea's population, this oversight is a major concern. The breach serves as a stark reminder that even sophisticated e-commerce platforms can be compromised by basic security hygiene failures, and that the insider threat, whether malicious or negligent, remains a potent risk.
Get the stories that matter to you. Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Sign up for Cyber News Centre
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead.
Progress Software disabled access to ShareFile accounts using on-premises Storage Zone Controllers due to a credible security threat, while a massive campaign dubbed FortiBleed has compromised roughly half of all internet-facing Fortinet firewalls globally.
NATO's 2026 Ankara summit placed AI security at the heart of alliance planning, raising urgent questions about autonomous systems, supply chain integrity, and the accountability of military AI as adversaries accelerate their own programmes.
Apple is accelerating its security updates to outpace AI driven exploit development, releasing early patches for iOS and macOS, while a critical WinRAR vulnerability shows why legacy software remains a prime target for attackers.
Tata Electronics’ confirmed cyber incident underscores a sharper risk for global manufacturers: stolen supplier specifications and production data can expose valuable intellectual property, test customer trust and challenge India’s push to become a trusted alternative to China.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!