[News Space=Reporter seungwon lee] Controversy over insider trading is spreading as it has been confirmed that former and current key executives of Coupang, where a large-scale personal information leak occurred, sold billions of won worth of company stock before learning of the incident.
According to a U.S. Securities and Exchange Commission (SEC) filing, Chief Financial Officer (CFO) Garab Anand sold 75,350 shares of Coupang Inc. at $29.0195 per share on November 10, netting $2.186 million (approximately KRW 3.2 billion) in cash. Former Vice President Pranam Kolari also reported selling 27,388 shares on November 17, netting $772,000 (approximately KRW 1.13 billion).
Comparison of the timing of leak awareness and executive sales
On November 18th, Coupang officially acknowledged that the personal information of 33.7 million customers had been leaked through unauthorized access. However, executives sold their stocks on November 10th and 17th, confirming that this occurred before the company was aware of the breach. According to a breach report released by the Ministry of Science and ICT (MSIT), the unauthorized access occurred at 6:38 PM on November 6th, but Coupang only became aware of it 12 days later, at 10:52 PM on November 18th.
Coupang explains, "The deal was planned a year ago."
In an SEC filing, CFO Anand stated that the sale was made pursuant to a trading plan pre-adopted on December 8, 2024, primarily to meet specific obligations, including tax payments. This was explained as an automated transaction executed on a pre-determined schedule, in compliance with the SEC's Rule 10b5-1, an anti-insider trading regulation. Former Vice President Kolari also notified his resignation on October 15, and SEC regulations require disclosure of any sale of 5,000 shares or more, even after his departure.
The Personal Information Protection Commission orders Coupang to re-notify the company of the data leak.
The Personal Information Protection Commission held an emergency general meeting on December 3 and ordered Coupang to change the personal information 'exposure' notification to a 'leak' notification and to re-notify by reflecting all leaked items without exception.
The Personal Information Protection Commission (PIPC) pointed out that Coupang, despite confirming the leak of customer personal information, issued a notice under the headline "Exposure." The notice period on its website was short, at one to two days, and certain details, such as the shared entrance password, were omitted, leading to public confusion. Accordingly, Coupang must submit the results of its actions within seven days, and the PIPC plans to continuously monitor its compliance.
Leaked items and extent of damage
The leaked information included customer names, email addresses, phone numbers, shipping addresses, and some order information, affecting an estimated 33.7 million people. Some victims even had their front door passwords leaked, raising concerns about secondary damage. Coupang initially announced the number of affected users at 4,500, but within ten days, the scale of the breach grew to tens of millions, highlighting the severity of the situation.
Experts: Insider Trading Controversy Continues
The timing of the executives' stock sales coincided with a personal information leak, fueling ongoing market suspicions of insider trading. While the company has denied the transactions were pre-planned, questions remain as to whether the sales, made at such a sensitive time, were truly unrelated. The Personal Information Protection Commission (PIPC) has stated that it will impose strict sanctions on Coupang if any violations of the Personal Information Protection Act are confirmed.
