Coupang Faces Expanded Securities Class Action Amid Serious Allegations of Data Breach Impacting Investors

Coupang Faces Legal Challenges

Coupang, Inc. (NYSE: CPNG), the South Korean e-commerce giant, is currently entangled in a significant legal battle as a national shareholder rights firm, Hagens Berman, has expanded its class action lawsuit against the company. This lawsuit arises amid troubling allegations regarding a data security breach that has left numerous investors questioning the reliability of Coupang's disclosures.

Understanding the Expanded Class Period

The lawsuit has broadened its class period to include investors who bought Coupang securities between May 7, 2025, and December 16, 2025. The lead plaintiff deadline has been set for February 17, 2026, which gives affected investors an opportunity to seek redress.

The core of the complaint revolves around Coupang's declarations concerning its disclosure controls and transparency, particularly in light of cybersecurity protocols. Investors allege that the company was aware of significant vulnerabilities but failed to notify stakeholders adequately, leading to severe repercussions for those who held shares during this time.

The Nature of the Allegations

Coupang allegedly provided several assurances regarding the integrity of its cybersecurity frameworks. For instance, after the markets closed on May 6, 2025, the company declared in its quarterly report that its disclosure controls were sufficient and that there had been no material changes to risk factors affecting operations. Furthermore, just a month later, in June, Coupang released a privacy notice to customers, emphasizing its commitment to safeguarding personal information and minimizing exposure risks.

However, this narrative shifted dramatically when, on November 29, 2025, Coupang publicly acknowledged a data breach that initially affected about 4,500 customer accounts. As investigations continued, it was revealed that a staggering 33.7 million accounts in Korea were actually compromised due to unauthorized access by a former employee. This stark contrast between public communications and the reality of the incident has led to widespread investor outrage and suspicion regarding Coupang's corporate governance.

On December 16, 2025, the company confirmed the cybersecurity incident, acknowledging the possibility of material financial losses stemming from regulatory penalties and decreased revenue. Subsequently, Coupang announced a significant compensation plan, reportedly amounting to 1.685 trillion won (over $1 billion), to help restore customer trust after the breach.

Market Impact and Aftermath

The fallout from this breach has been catastrophic for Coupang, with an estimated $8 billion shed from its market capitalization in the days following the incident. Investors who relied on the firm’s reassurances regarding their data protection policies feel particularly wronged, as they witnessed a steep decline in the value of their investments in a relatively short time frame.

Reed Kathrein, the Hagens Berman partner leading the investigation, underscored the seriousness of the inquiry, stating, "We are investigating the alleged misstatements and why it allegedly took Coupang weeks to inform shareholders of a breach of this magnitude." This inquiry highlights the necessity for greater corporate accountability in the face of such severe operational failures.

Conclusion

As the legal process unfolds, the implications for Coupang could be far-reaching, affecting its reputation and trust with investors and customers alike. The outcome of this case could potentially reshape how corporations handle disclosures regarding cybersecurity incidents, emphasizing the importance of transparency and timely communication in safeguarding stakeholder interests. Investors who may have incurred losses are encouraged to act swiftly and engage with Hagens Berman to explore their options in this expanding legal landscape.