On December 22, 2025, South Korea's National Tax Service (NTS) initiated a large-scale special tax investigation into e-commerce giant Coupang, dispatching approximately 150 investigators to the company's Seoul headquarters in Songpa District and its logistics subsidiary, Coupang Fulfillment Services (CFS). The probe, led by the Seoul Regional Tax Office's Fourth Investigation Bureau—known for handling non-routine audits involving tax evasion, slush funds, and serious irregularities—and the International Transactions Investigation Bureau, is widely seen as extending beyond routine checks to scrutinize Coupang's overall financial structure, including cross-border dealings with its U.S.-based parent company.
Industry sources described the action as an "extraordinary" or "in-depth" audit, with investigators securing accounting records, financial documents, and other materials essential for the examination. While CFS is the nominal target—a wholly-owned subsidiary managing key logistics operations like warehousing, packing, and shipping—the involvement of the international bureau signals a focus on potential profit-shifting mechanisms, transfer pricing irregularities, and group-level transactions tied to Coupang Inc.'s U.S. headquarters in Seattle.
The NTS declined to confirm details, stating it cannot verify information regarding individual taxpayers or corporations. Coupang has not issued an immediate public response to the probe.
This development comes amid intense regulatory and public scrutiny following Coupang's disclosure last month of a massive data breach affecting 33.7 million customer accounts—nearly two-thirds of South Korea's population and the company's entire domestic user base. The breach, detected on November 18, 2025, after initial signs of unauthorized access to about 4,500 accounts, was later traced to prolonged exposure lasting up to five months via overseas servers. Compromised data included names, phone numbers, email addresses, delivery addresses, and partial order histories, though payment details and login credentials remained unaffected.
Investigations revealed that a former employee retained system access post-departure, enabling the breach. Reports have pointed to a Chinese national as a suspect, prompting police involvement. The incident has triggered multiple probes by regulators, including the Personal Information Protection Commission, the Ministry of Science and ICT, and police, alongside parliamentary hearings where Coupang executives faced questioning.
In the aftermath, Park Dae-jun, CEO of Coupang's Korean operations, resigned to take responsibility. Interim leadership has apologized publicly, but criticism persists over the company's initial downplaying of the incident—referring to it as "exposure" rather than a "leak"—and delayed acknowledgments, such as the compromise of apartment entry codes.
The breach has also sparked legal repercussions: U.S.-based investors filed a class-action securities lawsuit against Coupang in the Northern District of California, alleging violations of fiduciary duties, inadequate cybersecurity disclosures, and overstated safeguards in regulatory filings. Additionally, South Korean customers and lawmakers have raised concerns about governance and transparency.
Coupang, often dubbed the "Amazon of South Korea," dominates the domestic e-commerce market with its Rocket Delivery service and had around 24.7 million active users in Q3 2025. NYSE-listed since 2021, the company has expanded internationally but faces ongoing challenges, including labor disputes over worker conditions—eight deaths reported at facilities this year—and prior data incidents.
The timing of the tax probe, shortly after the breach's full revelation and parliamentary scrutiny, has fueled speculation that it forms part of broader governmental pressure on the firm. Analysts note that while Coupang's Korean unit underwent a routine audit last year, the deployment of elite investigation units indicates evidence of specific concerns, potentially including offshore tax strategies common among multinational tech firms.
Potential outcomes could include fines, adjustments to tax liabilities, or referrals for further action if irregularities are found. The probe underscores escalating oversight of Big Tech in South Korea, particularly regarding data protection, fair competition, and fiscal compliance.
As investigations proceed, market watchers anticipate impacts on Coupang's operations, stock performance, and reputation. The company has pledged enhanced cybersecurity investments, but restoring public trust amid multifaceted probes remains a significant challenge.
