my timesThe Korea Times

When data leaks, Korea reacts while US litigates on autopilot

Listen
E-commerce giant Coupang confirmed that about 33.7 million customer accounts were exposed in a massive data leak. The photo shows a notification text message sent by the company to affected users, Monday. Yonhap

E-commerce giant Coupang confirmed that about 33.7 million customer accounts were exposed in a massive data leak. The photo shows a notification text message sent by the company to affected users, Monday. Yonhap

SEATTLE — A massive data leak has stirred anger and anxiety across Korea, but in the U.S., a similar breach would more likely set off a wave of automatic class action notices than public outrage.

The breach, now considered one of the largest in Korea’s digital history, has shaken public trust in a platform that millions rely on for groceries, household goods and fast delivery. Users rushed to community sites to check whether their names, addresses or purchase histories had been compromised, and many questioned how closely the company had safeguarded the data behind its rapid rise.

In the United States, where some of the world’s largest data breaches have occurred, public reaction is usually more subdued. A 2025 survey by Varonis found that 64 percent of U.S. adults have never checked whether their information was exposed in a breach, despite repeated incidents involving retailers, credit bureaus and social media companies. More than half said they would not know what steps to take if they learned their data had been compromised.

Conversations on Reddit point to a kind of collective fatigue. One user wrote, “It feels like my information has already been leaked somewhere,” adding that many people around them “don’t bother checking anymore because it all feels out of their control.” Another commenter echoed the same resignation: “At this point I just assume my data is already out there. It’s not that I don’t care. I just don’t know what else I’m supposed to do.”

But a quieter public reaction does not mean breaches go unanswered. In the U.S., major incidents often trigger rapid legal action. Law firms frequently launch class action suits within days, automatically enrolling millions of affected consumers or inviting them to join through email notices, advertisements or settlement portals. The 2017 Equifax breach, which exposed the personal information of about 147 million Americans, resulted in a large settlement fund for consumers, and Anthem’s 2015 health care breach produced one of the biggest data breach settlements in U.S. history.

Korea’s legal response works differently. Outside of limited areas such as securities, the country does not have a broad civil class action system. Consumers must join lawsuits individually, submit documentation and often share legal costs. Large-scale breaches rarely lead to mass civil settlements, so public pressure, regulatory scrutiny and media attention tend to carry more weight in Korea than private litigation.

A past case illustrates how limited the process can be. In the 2016 Interpark hacking incident, information from 10.3 million users was leaked, but only about 2,400 people joined the lawsuit. Four years later, those plaintiffs received 100,000 won each. Victims in the current case have begun mobilizing online as well, with tens of thousands joining community groups to prepare collective legal action and discuss potential next steps.

The market context further shapes the contrast. In the U.S, Amazon is dominant but shares the space with strong competitors such as Walmart, Target, Costco and Instacart, meaning rapid delivery is spread across multiple services. In Korea, Coupang remains the primary choice for quick delivery and daily essentials, so a breach at a single platform feels especially disruptive for households that rely on it heavily.