Coupang Hit With Second U.S. Shareholder Class Action Lawsuit, Will $10.39 Million in Lobbying Deliver Results?

Legal Battle Intensifies Over Disclosure Obligations of U.S.-Listed Companies
Key Issues Center on Knowledge and Concealment of Data Breach and Causal Link to Stock Price Distortion
Company Expected to Activate U.S. Political and Regulatory Lobbying Network as Defensive Strategy

Shareholders in South Korea and the United States have filed a class action lawsuit against Coupang in the United States. The plaintiffs allege that the company downplayed and concealed a massive personal data breach while overstating its cybersecurity posture, thereby artificially inflating its stock price, and have filed suit in federal court. The core question is the extent of responsibility borne by Coupang Inc., a U.S.-listed company, for a data breach that occurred in South Korea. Depending on whether the incident is viewed as an operational issue confined to the Korean subsidiary or as a material risk that headquarters knew of or should have managed, the nature and scale of Coupang’s legal exposure could shift significantly. As the dispute unfolds, Coupang is expected to mobilize the broad-based lobbying network it has built across U.S. political and regulatory circles over the past five years, staking everything on preventing a worst-case scenario in which a Korea-originated issue escalates into a parent-company liability.

Shareholders Claim Losses From Stock Decline Due to False and Inadequate Disclosures

According to the complaint filed on January 7 in the U.S. District Court for the Western District of Washington, the plaintiffs—comprising Coupang shareholders from both the United States and South Korea—included allegedly false and misleading statements made in Korea as part of the lawsuit and filed the case in Seattle, where Coupang’s U.S. headquarters is located. The plaintiffs argue that because these statements and disclosures directly affected the price formation of Coupang shares listed on U.S. exchanges, U.S. jurisdiction is warranted.

The co-defendants named in the suit include Coupang Inc., its Korean subsidiary, and individual executives, including Chairman and Chief Executive Officer Bom Kim, Chief Financial Officer Gaurav Anand, and Chief Information Security Officer Bret Matthes. The plaintiffs contend that these defendants violated federal securities laws.

The complaint alleges that while Coupang stated in periodic disclosures and quarterly reports that it was appropriately managing cybersecurity risks, in reality its security procedures and controls to prevent internal and external intrusions were inadequate. In particular, the plaintiffs point to a breach that allegedly occurred on overseas servers beginning around June last year, potentially exposing the account information of approximately 33.7 million Korean customers, and argue that Coupang initially provided only limited explanations. According to the complaint, the compromised data included names, addresses, phone numbers, delivery addresses, and order histories, while payment information and passwords were reportedly excluded. Subsequent investigations, however, expanded the scope of the issue amid reports that “nearly all users in Korea may have been affected.”

The stock price trajectory is also a central point of contention. Coupang shares declined each time details of the breach were disclosed in stages, and the plaintiffs argue that the stock price had been artificially propped up by false or omitted disclosures before plunging once the truth emerged. As a result, all investors who purchased Coupang shares between May 7 and December 16 of last year are included in the class. This group encompasses Coupang shareholders residing in both South Korea and the United States. The plaintiffs assert that Coupang violated Section 10(b) of the U.S. Securities Exchange Act and the Securities and Exchange Commission’s Rule 10b-5, arguing that management was in a position to recognize security vulnerabilities and breach risks but failed to disclose them, instead repeatedly issuing positive messages that misled the market.

Multiple consumer class actions related to the data breach are currently underway, but shareholder securities class actions against Coupang are reportedly limited to two cases, including the present lawsuit and another filed on December 28 last year in the U.S. District Court for the Northern District of California. According to the Northern District court, Coupang shareholder Joseph Berry filed a securities class action against Chairman Kim and CFO Anand, representing similarly situated shareholders. Given the nature of class actions, the number of participating plaintiffs is expected to grow.

Lawrence Rosen, the attorney representing the shareholder class, stated in the complaint that the incident is “widely regarded as the largest personal data breach in Korean history” and argued that investors suffered losses because Coupang made false or misleading statements or failed to make required disclosures. Rosen further stated that “due to inadequate cybersecurity protocols, a former employee was able to access sensitive customer information for approximately six months without detection,” adding that “as a result, the risk of regulatory and legal scrutiny facing Coupang increased materially.”

U.S. Litigation Risk? A Robust Shield of Political Lobbying

Legal observers note that Coupang may counter by arguing that the leaked data does not constitute highly sensitive information under U.S. standards. Reuters previously reported on December 17 that Harold Rogers, Coupang’s interim representative, told a hearing of the Korean National Assembly that the incident was unlikely to amount to a violation of U.S. personal data laws. The implication is that while an incident occurred, it does not rise to the level of a material event requiring SEC disclosure.

Coupang’s lobbying activities in the United States also loom as a key variable. According to F Minus, a U.S. Senate lobbying disclosure database, Coupang spent a total of $10.39 million on lobbying from 2021, shortly after its listing, through the third quarter of last year. The scope of its lobbying has been broad, including contributions such as a $1 million donation to the Trump Presidential Inaugural Committee in December 2024. Targets reportedly included not only the U.S. Senate and House of Representatives but also the Department of Commerce, the State Department, the Office of the U.S. Trade Representative, the White House, and the National Security Council.

Coupang’s lobbying narrative is explicit: it positions itself as a “U.S. technology company operating in Korea.” Lobbying reports filed with Congress emphasize agendas such as expanding the use of Coupang’s digital, distribution, and logistics services by U.S. agricultural producers and small businesses, and strengthening economic and commercial ties with allies including South Korea, Taiwan, and Japan. The underlying logic is that taking action against Coupang would run counter to U.S. national interests.

Perhaps reflecting the impact of these efforts, U.S. political figures have issued a series of critical remarks following the data breach, arguing that Korean authorities are applying excessive pressure on Coupang. Robert O’Brien, who served as National Security Advisor during the first Trump administration, wrote on X on December 24 that “President Trump worked hard to restore balance in U.S.–Korea trade relations, and it would be deeply regrettable if Korea undermined those efforts by targeting an American technology company.” Conservative political commentator Steve Cortes also posted on X that “the Korean government is sanctioning Coupang, an American company that has made massive investments,” describing the situation as a “betrayal of American companies by Korea.”

The U.S. Chamber of Commerce has likewise sent a letter to the Korean National Assembly arguing that it is unreasonable for the Korea Fair Trade Commission to place the burden of proof solely on Coupang. The Korean government is reportedly monitoring the situation closely, mindful of the possibility that the issue could escalate into a trade or security dispute. Experts interpret Coupang’s extensive lobbying as a calculation aimed at minimizing disadvantages in the United States rather than in Korea, noting that for a U.S.-listed company, SEC sanctions or domestic judicial risks pose a far greater threat than local public opinion or administrative penalties.

After Shedding ‘IPO Deception’ Allegations, Can Coupang Again Prevail?

As shareholder litigation against Coupang intensifies, industry observers are also revisiting the outcome of a previous U.S. shareholder class action that concluded last year. On September 11, the U.S. District Court for the Southern District of New York dismissed and closed a class action filed by Coupang shareholders in 2021. The lawsuit had been brought after Coupang’s stock price fell sharply following its March 2021 listing on the New York Stock Exchange, with plaintiffs alleging that Coupang’s IPO registration statement contained false and misleading information.

The plaintiffs claimed that Coupang concealed poor working conditions and high employee turnover at its logistics centers, manipulated search results to favor private-label products, directed employees to post positive reviews, and unfairly pressured suppliers to lower prices. Coupang’s stock surged to an intraday high of $69 on its first day of trading but fell below $10 by May 2022, amplifying investor losses.

The court sided with Coupang. In his ruling, Judge Vernon S. Broderick stated that the plaintiffs failed to demonstrate that Coupang or its executives acted with intent to deceive investors. He found that claims regarding working conditions were potentially misleading and that allegations concerning supplier relations were “hyperbolic.” The court noted that Coupang had already disclosed the practice of employees writing product reviews and that claims of price manipulation lacked concrete evidence, ultimately rejecting the shareholders’ arguments. While the ruling allowed Coupang to shed early post-IPO legal risks tied to its stock decline, some critics continue to argue that the outcome reflected the effects of an aggressive lobbying campaign, raising questions over whether political and regulatory influence has repeatedly blunted accountability when controversies emerge.