Korea fines e-commerce giant $400m over data breach affecting millions

South Korea has hit online retail giant Coupang with a record fine of more than $400m (£299m) over a massive data breach that exposed the data of more than 30 million customers last year.

The fine is the largest ever issued by Seoul's Personal Information Protection Commission (PIPC) for a data breach.

The leak exposed the names, contact and delivery details and order histories of some customers of Coupang, South Korea's largest e-commerce platform often described as its equivalent of Amazon.

Coupang told the BBC it "deeply regrets the concern caused" and that it will strengthen its security measures, but added that it planned to challenge the PIPC decision.

The number of accounts affected by the incident represents more than half of South Korea's population of around 50 million people.

The PIPC on Wednesday announced the fine of 624.68bn won on Coupang "for violating safety obligations and collecting personal data without legal grounds."

The commission found that a lack of safeguards, including poor management of authentication signing keys and access controls, had resulted in the personal data of around 37.5 million users being exposed.

Coupang said that its explanations and measures to prevent further harm from the data breach "were not sufficiently reflected" in the commission's decision.