South Korea disputes US congressional report claiming discrimination against Seattle-based Coupang

A diplomatic and regulatory dispute has emerged between South Korea and the United States after a U.S. congressional committee published a report accusing Seoul of unfair, discriminatory treatment of U.S.-listed e-commerce giant Coupang, prompting a sharp pushback from South Korean government officials.

The controversy traces back to June 2024, when South Korea’s Personal Information Protection Commission (PIPC) imposed a record-breaking 625 billion won ($403 million) fine against Coupang following a massive 2023 data breach that exposed personal information belonging to more than 37 million individuals, 33 million of whom are active Coupang customers. According to PIPC findings, the breach was not the result of advanced, sophisticated hacking; rather, it stemmed from severe gaps in Coupang’s internal security protocols. A former Coupang employee retained unauthorized access to customer databases using a stolen security key after leaving the company, and lax internal controls allowed an unidentified Chinese developer to access all stored user data without detection for an extended period. Regulators also noted that Coupang violated South Korean data protection law by failing to report the breach within the mandatory 72-hour window, a failure that compounded risks to consumers.

On Wednesday, the U.S. House Judiciary Committee released a 35-page report that framed the fine and preceding investigation as part of a pattern of growing discrimination against U.S.-owned businesses operating abroad. The report went as far as to accuse South Korean antitrust and privacy regulators of using coercive investigation tactics and running a deliberate harassment campaign against the company.

The South Korean government issued a formal, firm rejection of these claims just one day later. Foreign Ministry spokesperson Park Il stated that the U.S. congressional report relies exclusively on one-sided claims from Coupang and completely omits Seoul’s official position on the case. Park emphasized that all investigative steps and regulatory penalties against Coupang were conducted in full compliance with South Korea’s domestic laws, and rejected assertions that the company faced unfair treatment or discriminatory regulation.

“Our handling of the Coupang case has focused on addressing the personal data breach and protecting South Korean consumers,” Park said, adding that all investigative actions and penalties were implemented lawfully and without bias. “Claims that our government carried out discriminatory investigations and imposed unfair regulations on the company simply do not align with the facts.”

For its part, Coupang has apologized to affected customers for the security failure, but has moved to challenge the fine through South Korea’s administrative court system. The company argues that the privacy regulator failed to adequately recognize steps it has taken to strengthen security protocols and mitigate harm to users after the breach was discovered. In an emailed statement, Coupang said it regrets the circumstances that led to the congressional investigation, and affirmed its commitment to reaching a constructive resolution that allows the company to continue acting as a connector for U.S.-South Korea trade and investment.

Headquartered in Seattle, Coupang brands itself as a U.S. technology and Fortune 150 company that links thousands of American businesses and brands to global markets. Despite its U.S. corporate registration, the vast majority of the company’s revenue comes from its operations in South Korea, where it is a leading e-commerce platform famous for its same-day and next-day delivery of groceries, prepared food, and general consumer goods.

According to reporting from South Korea’s Yonhap News Agency, which cites U.S. Senate lobbying disclosure documents, Coupang has spent more than $1 million on lobbying activities in the U.S. since the data breach scandal became public in November of last year. Those lobbying efforts have targeted both the White House and Congress, as the company works to build support for its position in the dispute with South Korean regulators.