South Korea saw two data breaches: a leak of 33.7 million Coupang accounts and a hack of 120,000 home security cameras, underscoring cybersecurity lessons.
Introduction
Ongoing events in the latter part of 2025 are causing concern about digital protection in South Korea. In the span of several weeks, two large-scale invasions of privacy have shaken the country. The largest e-commerce marketplace in the country, Coupang, suffered from a large-scale data breach that affected tens of millions of citizens. Lately, it was revealed that many home security cameras in the country were also hacked. Collectively, it is clear that the standards of digital protection and consumer privacy are of great concern in South Korea.
Coupang Data Breach: Information of 33.7 Million Users Leaked
Coupang—also known as the “Amazon of South Korea”—has confirmed that it suffered a breach that exposed data from 33.7 million customer accounts. Among the notable points:
- The incident began in late June of 2025 on foreign servers.
- It went undetected until mid-November, when irregular behavior was discovered at last.
- The leaked data reportedly included:
- Contact information
- Delivery records
- However, no payment details or passwords were obtained.
Coupang’s response:
- Immediately issuing an apology and notification to the authorities after detection.
- Launched an internal investigation, which pointed to:
- Former employee: May have used valid, still-extant credentials for data exfiltration.
- Cooperated with police, who are:
- IP Address Tracing
- System Vulnerability Scanning
Regulatory and public reaction:
- Authorities are looking into suspected breaches of data protection legislation.
- Consumer anger is rising, with the threat of class-action lawsuits from tens of thousands of users.
- Loss of public confidence in the platform is extensive due to the fact that the attack impacted over half of the country’s population.
120,000 Home Security Cameras Hacked for Illicit Footage
South Korean police have detained four persons for hacking into over 120,000 home and business security cameras in the country. Some of the key points highlighted are:
- “Hackers took advantage of easy-to-guess passwords like ‘1111‘ to access live video streams of thousands of cameras.”
- Once inside, they:
- Private sexual video recordings
- Downloading and selling sexually exploitative videos on foreign-based sites
Scale of the exploitation:
- One hacker breached 63,000 cameras, producing 500+ illicit videos.
- Another: 70,000 cameras, making 648 videos.
- Two additional persons had stored large amounts of footage but had yet to sell any of it.
Types of locations hacked:
- Private residences
- Karaoke bars
- Pilates studio
- Health clinic for women
Law enforcement actions:
- International collaboration to shut down foreign sites that are hosting the content.
- Arrests of several domestic buyers who paid for the video recordings.
- It is made clear that just observing such video constitutes a very serious offense.
- Contacted victims to:
- Secure their devices
- Delete leaked footage
- Provide support
Security guidance issued:
- Authorities urged users to:
- Set strong, unique passwords
- Keep device firmware up to date
A Cybersecurity Wake-Up Call for South Korea
Nonetheless, the successive breaches that have occurred have highlighted the weaknesses in the country’s preparedness for such incidents. In this light, the government has held an emergency meeting and launched an investigation concerning whether Coupang has contravened laws governing the protection of data. According to the authorities, this case marks the latest in what has been seen as a series of business data breaches that are symptomatic of weaknesses in the country’s protection of individuals’ data.
However, the issue of smart cameras also underscores the rising threat level in relation to the Internet of Things (IoT). Simple mistakes such as poor default passwords have led to the hacking of many devices. In effect, this trend has encouraged authorities and cyber security experts to promote increased awareness campaigns focusing on basic cyber security practices such as the use of strong passwords and performing software updates on schedule. In this case, businesses and individuals are rethinking approaches for securing protection in the face of rising internet connectivity.
Conclusion
The two breaches shaking South Korea highlight a truth the cybersecurity world can’t ignore:
attackers don’t need zero-days when identity gaps are wide open.
At Coupang, a former employee’s still-valid credentials exposed the data of 33.7 million people. Across the country, weak passwords like “1111” unlocked over 120,000 private cameras. No advanced malware. No sophisticated exploit. Just identity failures — simple, silent, and devastating.
Why Everyone Is at Risk
Every organization, from global retailers to small shops, now faces the same identity-driven threats:
- Old accounts that were never deactivated
- Unmonitored logins from unknown devices
- Weak passwords on IoT systems
- No visibility into suspicious identity behavior
- Credentials reused, stolen, or shared
- Vendors and partners with more access than anyone realizes
If you aren’t watching identity activity in real time, you’re trusting your entire business to luck. And attackers love when you trust luck — it makes their job effortless.
Where Xcitium Changes the Outcome
Organizations protected by Xcitium Identity Threat Detection & Response (ITDR) operate in a completely different reality.
- Unauthorized access attempts — blocked in real time
- Ex-employee credentials — automatically neutralized
- IoT logins from unknown devices — denied before they connect
- Suspicious privilege escalation — shut down instantly
- Identity misuse — stopped before it becomes a breach
Xcitium ITDR doesn’t wait for an investigation.
It doesn’t rely on someone noticing odd behavior.
It acts the moment identity risk appears — closing the gaps attackers repeatedly exploit.
Secure the Layer Attackers Target First
In today’s threat landscape, the perimeter isn’t your firewall — it’s your identities. And if you’re not protecting them, someone else will take them.
Strengthen your defenses where breaches begin. Choose Xcitium Identity Threat Detection & Response.
