South Korea’s personal data protection authority completed its review of Coupang’s recent breach and found critical shortcomings in the company’s incident response and data protection protocols. The regulator has directed Coupang to strengthen internal security controls, enhance monitoring procedures and bolster staff training, warning that failure to meet compliance deadlines could trigger formal enforcement actions.