Summary4 min read

Marketplace Morning Report

Episode: The Data Breach That Hit Two-Thirds of a Country
Host: Gideon Long, Marketplace/BBC World Service
Aired: December 29, 2025

Overview

This episode centers on a colossal data breach affecting South Korean e-commerce giant Coupang, which put at risk personal information for nearly two-thirds of the country’s population. The discussion covers details of the breach, the company's response, broader trends in cyberattacks this year, and their social and economic impacts. The episode also provides brief updates on global business news and a historical discovery in Scotland.

Key Discussion Points & Insights

1. The Coupang Data Breach Crisis

Segment: [00:43–02:54]

Scale of the Breach:
- Coupang, known as the "Amazon of South Korea," faced a breach exposing data for as many as 33 million accounts—equivalent to about two-thirds of South Korea's population.
- Despite early fears, the company later confirmed that only about 3,000 accounts' data was stolen.
- Compromised details included names, email addresses, and residential addresses.
Timeline & Company Response:
- The breach began in June 2025, but Coupang didn't discover it until November—almost a five-month delay.
- CEO publicly apologized for not catching the breach sooner.
- Early on, 4,500 accounts showed signs of abnormal activity but the significance was not fully realized.
Perpetrator & Ongoing Investigation:
- The breach is believed to have been carried out by a former Coupang employee who had worked on authentication systems.
- Data was copied to the individual's personal computer; no evidence of further distribution or sale.
- Critically, there is no indication that financial data (credit cards, passwords) were accessed.
- The issue is under parliamentary review, with hearings scheduled.

Notable Quote:

"It was personal data for almost 2/3 of the South Korean population... pretty much most of the adult population."
— Archana Shukla, [01:11]

2. Broader Business & Market Updates

Segment: [02:55–03:33]

Commodities:
- Copper prices surge above $12,000 a ton amid supply concerns.
Tech Markets:
- Apple overtakes China's Vivo as India's largest smartphone vendor, selling over 6.5 million iPhone 16s in 2025.

3. Global Surge in Corporate Hacks

Segment: [03:33–06:28]

2025: Record Year for Cyberattacks:
- High-profile hacks affected major retailers in the UK (Marks & Spencer, Co-Op, Harrods), causing real-world supply disruptions such as empty store shelves.
- Jaguar Land Rover was hit—halting car production and impacting the UK economy to the extent that a cyberattack was officially cited as a drag on GDP.
- Japanese brewer Asahi was also targeted.
Who’s Behind the Attacks?
- Continuation of ransomware attacks tied to Russian-speaking cybercriminals.
- Distinct resurgence of teenage English-speaking hacker collectives, conducting major attacks, including on airlines (e.g., Qantas).
- Many attacks employed "social engineering"—tricking help desks and employees to gain access.

Notable Quotes:

"This year we've seen some very visible and tangible impacts... not just the companies affected but society in general."
— Joe Tidy, [03:40]

"We saw for the first time this year [a company] mention the cyber attack as having a natural effect on the economic output of the country."
— Joe Tidy, [04:20]

"Quite often it is people using con men like tactics to trick their ways into companies."
— Joe Tidy, [05:52]

4. Looking Forward: Lessons for 2026

Segment: [05:21–06:28]

Wake-up Call for Corporate Cybersecurity:
- Companies are expected to reconsider cyber risk, not just as a technical issue but a major operational and societal threat.
- Social engineering, rather than just technical trickery, is now front and center.

Notable Quote:

"You'd like to think it's a bit of a wake up call... I thought of cyber as near the top of my risk register, but I didn't expect it to have this much impact."
— Joe Tidy, [05:28]

5. Other Notable Stories

Segment: [06:29–07:14]

Historical Discovery:
- A 900-year-old silver coin, the oldest minted in Scotland, found by a metal detectorist and now acquired for a museum.

Memorable Moments & Quotes (With Timestamps)

On the scale of Coupang’s breach:
“Personal data for almost 2/3 of the South Korean population... pretty much most of the adult population.”
— Archana Shukla [01:11]
On the delayed discovery:
"The breach of the servers apparently began in June... but the company didn't notice anything until November."
— Gideon Long [01:39]
On cybercrime’s effect on society:
"This year we've seen some very visible and tangible impacts..."
— Joe Tidy [03:40]
On social engineering as a threat:
"Quite often it is people using con men like tactics to trick their ways into companies..."
— Joe Tidy [05:52]

Timestamps for Key Segments

[00:43–02:54] — Coupang data breach details with Archana Shukla
[02:55–03:33] — Global market/business news (Copper, Apple)
[03:33–06:28] — 2025 cyberattack overview and discussion with Joe Tidy
[06:29–07:14] — Discovery of Scotland’s oldest coin

Tone & Delivery

The tone is clear, informative, and urgent—underscoring the scale and seriousness of the cybersecurity crisis while providing actionable awareness for business leaders and consumers alike. Expert guests, like BBC correspondents, provide context that’s both accessible and authoritative.

This succinct episode delivers a wake-up call on cyber risks for businesses and individuals, using the Coupang breach and a year of high-profile attacks as stark reminders that cybersecurity vigilance is critical in 2026 and beyond.

Loading summary

Transcript27 lines

[00:00]
Marketplace Podcast Host
This Marketplace podcast is supported by Wealth Enhancement, who understand that dreams don't happen by chance. It takes a plan. They're ready to build your wealth. Blueprint for retirement, investing taxes and everything else your financial life brings. It reveals gaps and highlights opportunities you may have missed at no cost to you. Find out more at wealthenhancement.com Blueprint.
[00:29]
Podcast Promo Voice
On.
[00:29]
The Great Take Podcast Host
The gray take we sit down to talk about what really happens when families navigate aging, senior living and everything in between. Subscribe to the Great Take where you listen to podcasts and be part of the conversation.
[00:44]
Gideon Long
In South Korea, a big e commerce company agrees to compensate its customers for being hacked. Live from the UK this is the Marketplace Morning Report from the BBC World Service. I'm Gideon Long. Good morning. The South Korean e commerce firm Coupang has agreed to pay over a billion dollars in compensation to its users for a massive data breach. The BBC's Archana Shukla can tell us more. Hi Archana.
[01:07]
Archana Shukla
Hi Gideon.
[01:08]
Gideon Long
Just remind us of this story because it was a huge breach, wasn't it?
[01:11]
Archana Shukla
Yes, absolutely. It was personal data for almost 2/3 of the South Korean population. Coupang is one of the largest e commerce players in South Korea and it's often called South Korea's Amazon. And and nearly 33 million accounts were exposed, although later the company said that data for only 3,000 accounts were stolen. But it certainly did expose information for pretty much most of the adult population.
[01:39]
Gideon Long
And one of the most astonishing things about it is that the breach of the servers apparently began in June this year, but the company didn't notice anything until November. Have they said anything about why there was such a delay?
[01:50]
Archana Shukla
Well, they haven't mentioned why there was a delay in finding out the issues, but they did mention that earlier they had inspected about 4,500 accounts having some sort of, you know, a not normal situation. But the company's CEO has definitely come out and apologized that they should have addressed this crisis much earlier.
[02:10]
Gideon Long
And do we know who was behind this hack?
[02:12]
Archana Shukla
Authorities believe the breach was carried out by a former employee of Coup Pong who actually worked on some of the platform's authentication systems. But the has confirmed that only 3000 accounts data, which is the names, email IDs, addresses, etc. Were copied by the former employee on his personal computer, although the company also says that he has not sold it to any other third party. And the financial data, which is the credit card information and account passwords, were reportedly not accessed. So once the investigation gets over, more details will come out. The Parliament is going to also hear the matter for the next two days starting tomorrow.
[02:52]
Gideon Long
Arjuna, thanks for joining us here on Marketplace.
[02:54]
Archana Shukla
Thank you so much.
[02:55]
Gideon Long
Let's do the numbers. The price of copper has risen sharply due to worries about tightening supply. It's at well over $12,000 a ton on the London Metal Exchange. And tech giant Apple has overtaken China's Vivo to become the biggest smartphone seller in India. Apple has sold over 6.5 million of its iPhone 16 series in the country this year. Coming back to hacking, it's been a big year for corporate hacks worldwide, not just in South Korea. Cybercriminals have targeted organizations from the Japane brewer Asahi to the British carmaker Jaguar Land Rover. Here's the BBC cyber correspondent, Joe Tidey. Hi, Joe.
[03:33]
Joe Tidy
Hi.
[03:35]
Gideon Long
So how does this year rank? It feels like it's been a bad year for cyber hacks, is that right? Do the numbers back that up?
[03:41]
Joe Tidy
I think so. And it's not just the numbers, it's also the nature of them and how high profile they've been. Quite often when you cover cyber security, cybercrime, it's all ones and zeros. It's all very removed from people's lives and it's hard to kind of grasp. But this year we've seen some very visible and tangible impacts on not just the companies affected, but society in general. If you look at the wave of retail attacks in the uk, there was Ms. Marks and Spencer, which is a very much loved and long established department store. There was Co Op, a supermarket, a household name in the uk, and Harrods, everyone knows Harrods around the world. All three hit in quick succession. And in some cases with Ms. And Co Op, we saw shelves being empty because they had logistics problems, because everything was encrypted and down. Then of course you've got Jaguar Land Rover, as you mentioned there, it brought production lines to a halt, so no cars were being made for many weeks. Affected the car company in a huge way, but also affected the UK economy. We saw for the first time this year they mentioned the cyber attack as having a natural effect on the economic output of the country.
[04:39]
Gideon Long
And what do we know about the perpetrators of these various attacks and their motives?
[04:44]
Joe Tidy
The interesting thing this year has been that although we've got the kind of the steady drumbeat of ransomware attacks from the largely Russian speaking cybercrime community and ecosystem, this year we've also seen the resurgence of a teenage hacking culture which has always been there, but it comes in cycles. And this year we've seen a real uptick in activity from English speaking kids banding together to carry out major cyber attacks. And that's where we think a lot of these attacks have come from. The retail attacks, perhaps even jlr, and then a wave of attacks on airlines, including Qantas airlines as well. So I think we've got those two things coming together this year that have made it particularly troubling and quite damaging.
[05:21]
Gideon Long
And this very bad year for corporate hacks. 2025, what does that mean, do you think, when you look ahead to 2026.
[05:28]
Joe Tidy
For cyber security, you'd like to think it's a bit of a wake up call. And we have said this kind of thing before, it's a cliche, isn't it? But I think when you have the attacks and the kind of visible impacts that we've had, particularly in the uk, but around the world as well. You mentioned Asahi, the Japanese brewer. I think a lot of companies will be out there thinking, well, hang on a minute, I thought of cyber as a near the top of my risk register, but I didn't actually expect it to be having this much impact on not only me and my business, but my customers and community as well. So I think people will be thinking to themselves, how do I make that not happen to me? And the interesting thing we've seen this year as well is the rise of or adaptation of what we call social engineering techniques. So the cybersecurity companies will want you to think it's all about quantum and AI, but actually quite often it is people using con men like tactics to trick their ways into companies and get credentials to log in. And that's what we saw. We think with some of these teenage attacks, they literally called up it help desks and pretended to be employees.
[06:26]
Gideon Long
Joe Tidy, thanks very much for joining us here on Marketplace.
[06:29]
Joe Tidy
Thank you.
[06:29]
Gideon Long
A 900-year-old silver coin that was found by a metal detectorist in Scotland has been bought by the state and will go in a museum. It's the earliest known coin minted in Scotland. The BBC's Rebecca Drought Reports King David.
[06:42]
Podcast Promo Voice
I of Scotland ruled from 1124 to 1153. He introduced the country's first coinage. Earlier coins found in Scotland, such as those from the Roman or Viking eras, had been minted elsewhere. And it had been thought all King David's earliest coins were made in England. But the silver coin found in a wooded area near Penicook in 2023 bears an inscription showing it was minted in Edinburgh in the second half of the 1130s. The metal detectorist who found the coin was paid its value as a reward.
[07:14]
Gideon Long
Rebecca Drought there on a very rare coin in Scotland in the UK I'm Gideon Long with the Marketplace Morning Report from the BBC World Service. Thanks very much for listening.
[07:31]
Rima Reis
Hey everyone. You already listened to Marketplace Podcasts, so you know that it's important to understand how economic forces shape our lives. And that feels especially important now as we're all trying to make sense of the latest headlines. I'm Rima Reis, host of Marketplaces. This is Uncomfortable, a show that explores how money bumps up against our relationships, our choices in the parts of life we don't always say aloud. And starting January 15th, we are back every single week. New stories, new questions, and the kind of conversations that make you feel less alone in this quickly changing economy. We're tackling questions like should I turn my hobby into a money making side hustle? How do I deal with layoff anxiety? Or what do we owe our parents financially? Don't miss an episode. Subscribe to this is Uncomfortable from Marketplace. Wherever you get your podcasts.

Marketplace Morning Report

Episode: The Data Breach That Hit Two-Thirds of a Country
Host: Gideon Long, Marketplace/BBC World Service
Aired: December 29, 2025

Overview

Key Discussion Points & Insights

1. The Coupang Data Breach Crisis

Segment: [00:43–02:54]

Scale of the Breach:
- Coupang, known as the "Amazon of South Korea," faced a breach exposing data for as many as 33 million accounts—equivalent to about two-thirds of South Korea's population.
- Despite early fears, the company later confirmed that only about 3,000 accounts' data was stolen.
- Compromised details included names, email addresses, and residential addresses.
Timeline & Company Response:
- The breach began in June 2025, but Coupang didn't discover it until November—almost a five-month delay.
- CEO publicly apologized for not catching the breach sooner.
- Early on, 4,500 accounts showed signs of abnormal activity but the significance was not fully realized.
Perpetrator & Ongoing Investigation:
- The breach is believed to have been carried out by a former Coupang employee who had worked on authentication systems.
- Data was copied to the individual's personal computer; no evidence of further distribution or sale.
- Critically, there is no indication that financial data (credit cards, passwords) were accessed.
- The issue is under parliamentary review, with hearings scheduled.

Notable Quote:

"It was personal data for almost 2/3 of the South Korean population... pretty much most of the adult population."
— Archana Shukla, [01:11]

2. Broader Business & Market Updates

Segment: [02:55–03:33]

Commodities:
- Copper prices surge above $12,000 a ton amid supply concerns.
Tech Markets:
- Apple overtakes China's Vivo as India's largest smartphone vendor, selling over 6.5 million iPhone 16s in 2025.

3. Global Surge in Corporate Hacks

Segment: [03:33–06:28]

2025: Record Year for Cyberattacks:
- High-profile hacks affected major retailers in the UK (Marks & Spencer, Co-Op, Harrods), causing real-world supply disruptions such as empty store shelves.
- Jaguar Land Rover was hit—halting car production and impacting the UK economy to the extent that a cyberattack was officially cited as a drag on GDP.
- Japanese brewer Asahi was also targeted.
Who’s Behind the Attacks?
- Continuation of ransomware attacks tied to Russian-speaking cybercriminals.
- Distinct resurgence of teenage English-speaking hacker collectives, conducting major attacks, including on airlines (e.g., Qantas).
- Many attacks employed "social engineering"—tricking help desks and employees to gain access.

Notable Quotes:

"This year we've seen some very visible and tangible impacts... not just the companies affected but society in general."
— Joe Tidy, [03:40]

"We saw for the first time this year [a company] mention the cyber attack as having a natural effect on the economic output of the country."
— Joe Tidy, [04:20]

"Quite often it is people using con men like tactics to trick their ways into companies."
— Joe Tidy, [05:52]

4. Looking Forward: Lessons for 2026

Segment: [05:21–06:28]

Wake-up Call for Corporate Cybersecurity:
- Companies are expected to reconsider cyber risk, not just as a technical issue but a major operational and societal threat.
- Social engineering, rather than just technical trickery, is now front and center.

Notable Quote:

"You'd like to think it's a bit of a wake up call... I thought of cyber as near the top of my risk register, but I didn't expect it to have this much impact."
— Joe Tidy, [05:28]

5. Other Notable Stories

Segment: [06:29–07:14]

Historical Discovery:
- A 900-year-old silver coin, the oldest minted in Scotland, found by a metal detectorist and now acquired for a museum.

Memorable Moments & Quotes (With Timestamps)

On the scale of Coupang’s breach:
“Personal data for almost 2/3 of the South Korean population... pretty much most of the adult population.”
— Archana Shukla [01:11]
On the delayed discovery:
"The breach of the servers apparently began in June... but the company didn't notice anything until November."
— Gideon Long [01:39]
On cybercrime’s effect on society:
"This year we've seen some very visible and tangible impacts..."
— Joe Tidy [03:40]
On social engineering as a threat:
"Quite often it is people using con men like tactics to trick their ways into companies..."
— Joe Tidy [05:52]

Timestamps for Key Segments

[00:43–02:54] — Coupang data breach details with Archana Shukla
[02:55–03:33] — Global market/business news (Copper, Apple)
[03:33–06:28] — 2025 cyberattack overview and discussion with Joe Tidy
[06:29–07:14] — Discovery of Scotland’s oldest coin