SOUTH Korea’s Science Ministry has blamed Coupang’s massive data leak on management failure rather than a sophisticated cyberattack, calling for fixes to vulnerabilities in its security systems. The first findings of the government-led probe said a former Coupang engineer, aware of flaws in the authentication process, broke into the system in April, with the breach lasting until November, and a prior access attempt in January.
“It’s more of a management problem than an advanced attack,” said Choi Woo-hyuk, deputy minister for cyber security and network policy, at a press conference, noting lax oversight of authentication systems. The ministry said the attacker exploited user authentication vulnerabilities to access accounts without proper login and caused large-scale unauthorised information leaks, according to Reuters.
Coupang and its investors have been pushing back against the regulator’s statements and actions, including compensation amounts to victims. Read more at Reuters.