South Korean e-commerce giant Coupang hit by massive data leak

But later checks found that some 33.7 million customer accounts - all in South Korea - were likely exposed, said Coupang, adding that the breach is believed to have begun as early as June through a server based overseas.

The exposed data is limited to name, email address, phone number, shipping address and some order histories, Coupang said.

No credit card information or login credentials were leaked. Those details remain securely protected and no action is required from Coupang users at this point, the firm added.

The number of accounts affected by the incident represents more than half of South Korea's roughly-52 million population.

Coupang, which is founded in South Korea and headquartered in the US, said recently that it had nearly 25 million active users.

Coupang apologised to its customers and warned them to stay alert to scams impersonating the company.

The firm did not give details on who is behind the breach.

South Korean media outlets reported on Sunday that a former Coupang employee from China was suspected of being behind the breach.

The authorities are assessing the scale of the breach as well as whether Coupang had broken any data protection safety rules, South Korea's Ministry of Science and ICT said in a statement.

"As the breach involves the contact details and addresses of a large number of citizens, the Commission plans to conduct a swift investigation and impose strict sanctions if it finds a violation of the duty to implement safety measures under the Protection Act."

The incident marks the latest in a series of breaches affecting major South Korean companies this year, despite the country's reputation for stringent data privacy rules.

SK Telecom, South Korea's largest mobile operator, was fined nearly $100m (£76m) over a data breach involving more than 20 million subscribers.

In September, Lotte Cards also said the data of nearly three million customers was leaked after a cyber-attack on the credit card firm.