E-commerce behemoth, Coupang, endured a significant blow following a data breach in South Korea, leading to a loss in its fourth quarter. The company’s profits plummeted and its revenue failed to meet analyst predictions, reflecting the extensive impact of the breach.
Coupang Korea, responsible for over 90% of the group’s total revenue, experienced severe backlash after a data breach was revealed in November. This breach impacted nearly 34 million customers. The revenue for the company for the time frame of October-December was reported at $8.8 billion, falling short of the anticipated $8.9 billion. The fourth quarter saw Coupang spiral into a $26 million loss, compared to a profit in the same period the previous year, although its New York-listed shares did see a 1.9% increase.
CFO Gaurav Anand spoke out in an earnings call, indicating that active customers in their product commerce sector increased by 8% from the previous year to 24.6 million in the fourth quarter. However, this was a reduction from the third quarter’s 24.7 million, a change likely due to the data breach.
Anand stated that they have observed stabilization since Q4’s end, with numerous customers reactivating their accounts and customer growth trends improving. Despite this, he expressed that growth and profitability are expected to remain subdued in the coming months due to the ongoing consequences of the data breach, but he anticipates that this impact will gradually diminish over the year.
The data breach led to the exposure of users’ names, phone numbers, and shipping addresses. However, Coupang confirmed that login credentials and payment details remained secure. The company pledged to take all necessary steps to mitigate future damage and strengthen preventative measures to avoid another breach.
The interim head of Coupang’s South Korean division, Harold Rogers, assured customers that the company has not found any misuse of customer data linked to the incident or evidence of any further harm. Rogers explained that the breach was the result of a targeted attack by a former employee who exploited their knowledge of Coupang’s systems.
Despite these claims, South Korea’s Science Ministry attributed the breach not to a sophisticated cyberattack, but to management failures at Coupang. In the wake of the incident, competitor platforms have capitalized on Coupang’s struggles, enticing customers away from the platform.
Additionally, Coupang is contending with proposed regulatory changes that could intensify competition in ultra-fast overnight deliveries, a sector that has been crucial to its market leadership. In a separate incident, South Korea’s antitrust regulator imposed a 2.2 billion won (US$1.53 million) fine on Coupang for pressuring vendors to reduce prices and carry extra costs to meet profit targets and delaying payments to suppliers. This penalty is not directly related to the data breach.
What steps is Coupang taking post-data breach?
Coupang pledges to take all necessary measures to mitigate further harm and strengthen safety measures to avoid recurrence of such breaches.
What caused the data breach at Coupang?
The breach was attributed to a targeted attack from a former employee who exploited inside knowledge of Coupang’s systems.
How has the data breach impacted Coupang’s financial standing?
As a result of the data breach, Coupang’s revenue fell below predicted values, and the company reported a loss of $26 million for the fourth quarter.
