Coupang breach & camera hacks expose Asia cyber gaps
Cybersecurity experts have warned that recent incidents in South Korea point to deepening risks around identity security and connected devices across Asia's fast-growing digital economy.
South Korea's largest eCommerce platform, Coupang, disclosed a major breach that may have exposed data on about 34 million customers. The case has triggered political scrutiny in Seoul and renewed debate over corporate responsibility for data protection.
In a separate case, police in South Korea arrested four people over the alleged hacking of more than 120,000 internet-connected cameras in homes and businesses. Investigators said the suspects used access to the devices to create exploitative videos.
Both incidents highlight weaknesses in how companies and consumers manage digital identities, passwords and device security across the region's online services.
Asia Pacific is one of the world's largest online shopping markets. Major platforms such as Taobao, JD, Pinduoduo, Shopee, Lazada, Rakuten and Coupang process vast volumes of customer data and transactions each day.
Identity as 'new perimeter'
Takanori Nishiyama, SVP APAC and Japan Country Manager at Keeper Security, said the reported Coupang breach underlined structural problems in how large organisations control privileged access.
"The reported breach impacting tens of millions of Coupang customers is a clear reminder that identity security, not perimeter defence, is the defining weakness in many large-scale incidents today. If initial reports prove to be the case, which suggest the incident involved unauthorised use of internal authentication credentials, it reveals how quickly exposure can escalate when privileged access is not tightly governed.
We continue to see the same pattern right across the APAC region, with both internal and external threat actors leveraging compromised or outdated credentials, unrevoked access rights and weaknesses in identity governance. It is an entry point that allows cyber attackers to move through systems undetected, because it relies not on complex attack methods but on systemic vulnerabilities that persist when privileged access controls are inconsistently enforced.
For organisations operating at the scale of major eCommerce platforms, privileged access must be strictly lifecycle managed. Access rights should be revoked the moment an employee leaves or changes roles. Authentication tokens, keys and passwords should never remain active beyond their intended use.
An incident such as this also highlights the importance of continuous monitoring and reporting. Maintaining real-time visibility into who is accessing what, and from where, is one of the most effective ways to detect unusual activity before it results in large-scale data exposure. Modern, AI-powered threat detection can identify and respond to threats in real-time, ensuring high-risk sessions are automatically terminated and all user activity is analyzed and categorized.
Third-party and internal access also require the same level of scrutiny. Whether access originates from a vendor, contractor, former employee, or a careless or malicious insider, every identity with elevated privileges represents a potential risk if not properly controlled. In modern digital ecosystems, identity is the new perimeter. Organisations that rigorously control, monitor and audit privileged access are far better positioned to limit the blast radius of a breach, regardless of where it begins.
For those customers whose personal information may have been compromised in this breach, the primary concern now will be targeted phishing, account-takeover attempts and identity fraud. Individuals should treat unsolicited communications with extreme caution, avoid password reuse across accounts and enable multi-factor authentication wherever possible."
Authorities and regulators across the region are already reviewing data breach laws. South Korea's president Lee Jae Myung has publicly called for tougher penalties for corporate negligence in data incidents in the wake of the Coupang case.
IP camera risks
Security concerns are also rising around internet-connected cameras in homes and workplaces. Analysts expect the Asia Pacific IP camera market to reach more than USD 7 billion by the end of 2025. Many of these devices are used as monitoring and security cameras.
Police in South Korea said the four arrested suspects allegedly accessed more than 120,000 IP cameras. Investigators said the devices were used in private and commercial settings.
Nishiyama said the reported camera case illustrated basic weaknesses in how many internet-connected devices are configured and maintained.
"The reports emerging from South Korea show just how easily internet-connected cameras can be weaponised when basic security controls are overlooked. IP cameras are often deployed with default passwords, outdated firmware and weak authentication, something cybercriminals are acutely aware of. Once a device is exposed, attackers simply automate credential-guessing to gain full access to live feeds and stored footage.
Users need to realise that any internet-connected device, from home cameras to enterprise security systems, can quickly become a security liability when identity and access controls aren't properly enforced. These cameras sit inside the network boundary, so once compromised, criminals can move laterally, harvest sensitive data or, as we've seen here, exploit private footage for financial gain.
Consumers concerned by these revelations should change default passwords immediately, using strong and unique credentials for all accounts, enable multi-factor authentication everywhere available and apply security updates as soon as they're released. Segregating IoT devices onto a separate network also limits the blast radius if one device is breached.
For organisations, particularly those deploying cameras in public-facing environments such as healthcare, retail and local government, this should serve as a wake-up call. Relying on consumer-grade setups is no longer acceptable and priority should be given to implementing enterprise-level identity security, enforcing password policies, centrally managing firmware updates and continuously monitoring for credential exposure.
Cybercriminals will always look to target the weakest link in the connected ecosystem. Strong authentication, least-privilege access and rigorous device governance remain the most effective defences. If organisations and individuals treat every internet-connected device as part of their security perimeter, incidents like this become far harder for criminals to exploit."