Coupang Founder Kim Bom Issues Apology for Hacking Incident: Read the Full Letter from the 'Amazon of Korea' Founder
Kim Bom, founder and chairman of Coupang, South Korea's leading e-commerce platform often dubbed the "Amazon of South Korea," has issued a formal apology following a hacking incident in November that exposed the personal information of millions of users. The apology was posted on the company's official website in response to the breach.
In a letter penned in Korean, the chairman residing in the U.S. conveyed his "sincere apologies" to the public and pledged to thoroughly revamp the company's cybersecurity systems. Kim has been heavily criticized in South Korea for not attending parliamentary hearings that took place in Seoul earlier this month.
Apology letter by Kim Bom, founder of Coupang (translated to English)
The personal information leak at Coupang has caused great concern and inconvenience to customers and the public.
As Coupang's founder and chairman of the board, I offer my sincere apologies on behalf of all Coupang employees. I cannot help but feel devastated by the disappointment so many people have experienced.
This data breach, which was our responsibility, has left many of you feeling fearful and anxious about the safety of your personal information. Furthermore, we apologize for the frustration and disappointment caused by our failure to communicate clearly and directly from the outset of the incident. We sincerely apologize for our inadequate initial response and lack of communication immediately following the incident.
Above all, my apology is overdue. I fully supported the resolution of the situation by dedicating all resources and manpower to preventing any secondary damage to our customers. Rather than simply apologizing in words, I wanted Coupang to take action and achieve tangible results, taking every possible measure in the best interest of the Korean people. Furthermore, given the rapid pace of change and the proliferation of misinformation, I believed it would be best to communicate publicly and apologize only after all the facts were confirmed.
In retrospect, this was a poor judgment. While Coupang worked tirelessly to resolve the situation, I should have expressed my deepest regrets and sincere apologies from the beginning. My heart has been heavy ever since I first learned of the data breach.
Today, Coupang would like to share the progress of its personal information leak incident and its commitment to reform.
Coupang Korea and its executives and employees prioritized resolving the issue with a strong sense of responsibility to immediately block the possibility of secondary damage and restore customer trust immediatel after the incident.
After months of continuous, daily efforts, Coupang recently completed the recovery of 100% of the leaked customer information through cooperation with the government. We have secured a statement from the leaker and recovered all storage devices. This process confirmed that the customer information stored on the leaker's computer was limited to 3,000 records, and that this information was not distributed or sold externally. The investigation is ongoing, and we will provide updates as additional information becomes available.
Coupang has cooperated fully with the government since the beginning of the investigation. Immediately following the incident, we identified the leaker and notified the government. Through cooperation with the government, we promptly recovered the equipment and leaked information, and submitted all relevant documents to the government. Throughout the entire process, we strictly adhered to the government's request for confidentiality, even amidst widespread misinformation.
I believed that recovering 100% of the customer information stolen by the leaker was the only way to "restore customer trust." In the process, I neglected communication with the public. I apologize to everyone who pointed out my communication deficiencies, and I humbly accept the criticism and reprimand.
Even after successfully recovering and securing the leaked personal information, we remain deeply aware of our failure to prevent the initial data breach, and we deeply apologize for any concern and inconvenience it may have caused.
We will rebuild trust from the ground up. Led by the Board of Directors, we will develop a compensation plan for Korean customers who experienced inconveniences at Coupang Korea and ensure its swift implementation. Furthermore, to ensure that mistakes like this personal information leak never happen again, we will comprehensively revamp Coupang's information security measures and investments. We will fulfill our responsibilities and ensure that necessary investments and improvements are not delayed.
We will use this failure as a lesson learned and a springboard for growth, building a world-class cybersecurity system. We will thoroughly investigate the causes of security vulnerabilities and innovate our security systems. Once the government's final investigation results are available, we will develop and implement measures to prevent recurrence based on those findings.
Our customers' trust and expectations are the reason Coupang exists. We will use this incident as an opportunity to thoroughly reinvent ourselves and never stop challenging ourselves to create the world's best customer experience.
I once again apologize to the people.
