Accused data thief threw MacBook into a river to destroy evidence

TL;DR

Coupang says a former employee admitted improperly accessing records for about 33 million customers but retained data on roughly 3,000 accounts and deleted it after media reports. Investigators recovered a smashed MacBook thrown into a river and found evidence consistent with the accused’s sworn statements; the company has pledged vouchers to affected users and is subject to a government inquiry.

What happened

Coupang reported that a former staffer improperly accessed data describing about 33 million customers. The company said it worked with Mandiant, Palo Alto Networks and Ernst & Young to carry out a forensic review and obtained sworn statements from the alleged perpetrator. Investigators concluded the individual stole a security key while employed at Coupang and used it to query customer records. According to the company, the accused searched roughly 3,000 customers’ order histories and building access codes. The access was performed using a PC and a MacBook Air; the suspect surrendered the PC, and forensic teams found the script used in the activity on one drive. After press coverage, the accused smashed the MacBook, placed it with bricks in a Coupang bag and threw it into a river. Investigators later recovered the laptop and matched its serial number to the suspect’s iCloud account. Coupang says the accused never moved the data off those devices and deleted the files after seeing news reports.

Why it matters

• Insider access and use of company credentials can expose large volumes of customer data even if only a subset is retained.
• The scale—data describing around 33 million customers—touches more than half of South Korea’s population, raising consumer protection and regulatory concerns.
• Coupang’s decision to offer vouchers and the government inquiry signal potential financial and regulatory consequences for the company.
• Recovery of a smashed laptop shows that physical destruction of hardware does not guarantee loss of forensic evidence.

Key facts

• Coupang says a former employee improperly accessed data describing about 33 million customers.
• Forensic investigation conducted with Mandiant, Palo Alto Networks and Ernst & Young.
• Company secured sworn statements from the accused and reports investigators found no evidence contradicting them.
• Investigators say the accused stole a security key and used it to query customer records.
• Roughly 3,000 customers’ order histories and building access codes were viewed by the alleged perpetrator.
• Access occurred via a PC and a MacBook Air; the PC was surrendered and a script was found on its drive.
• After media coverage, the accused smashed the MacBook, put it in a Coupang bag with bricks and threw it into a river.
• Investigators recovered the laptop and matched its serial number to the accused’s iCloud account.
• Coupang says the accused never moved the data off the devices and deleted the retained data after seeing news reports.
• Coupang will issue a ₩50,000 (about $35) voucher to the 33 million customers it says were affected, an effort the company estimates will cost ₩1.17 trillion (~$1.17 billion).

What to watch next

• Outcome and findings of the government inquiry into Coupang’s operations and the incident.
• Whether regulators impose fines or other penalties on Coupang as a result of the investigation (not confirmed in the source).
• Any further forensic or legal developments regarding how the security key was taken and whether additional records were accessed or disseminated (not confirmed in the source).

Quick glossary

• Forensic investigation: A methodical examination of computers, storage devices and logs to determine what data was accessed, changed or removed.
• Security key: A credential or token used to authenticate access to systems or services; possession can enable actions under the associated account.
• Sworn statement: A formal declaration made under oath, often used as evidence in investigations or legal proceedings.
• Building access codes: Numbers or credentials used to enter residential or commercial properties, sometimes provided to delivery workers for indoor deliveries.

Reader FAQ

Did the employee steal data on 33 million customers?
Coupang says the employee improperly accessed data describing about 33 million customers but retained records for roughly 3,000 accounts.

Was the stolen data moved off company devices?
Coupang reports the accused never moved the data off the PC and MacBook Air and deleted the retained files after media reports.

Was the MacBook destroyed and recovered?
The accused reportedly smashed the MacBook, put it in a bag with bricks and threw it into a river; investigators later recovered it and matched its serial number to an iCloud account.

Will customers be compensated?
Coupang said it will give a ₩50,000 (about $35) voucher to each of the 33 million customers it says were affected.

Have regulators fined Coupang?
A government inquiry has been commissioned but any fines or penalties are not confirmed in the source.

CYBER-CRIME Accused data thief threw MacBook into a river to destroy evidence Former staffer of Korean e-tailer Coupang accessed 33 million records but may have done less damage than feared…

Sources

• Accused data thief threw MacBook into a river to destroy evidence
• Accused data thief dumped laptop in river to evade justice
• How an iPad under the Thames solved museum thieves …
• crime News, Rumors, Reviews, Guides and …

Related posts

• NextDNS: My new favourite DNS service for privacy, blocking and speed
• China drafts rules barring AI clones that impersonate relatives for elders
• CEOs Are Increasingly Costly: Could Automation Replace Top Executives?