● Humanoid Kickstorm Sparks AI Gold Rush, Lawsuit Chaos, Pilot-Deal Frenzy
From a 540-Degree Spinning Kick Robot to the “Robot Influencer Lawsuit”… The 5 Truly Important Changes Shaping the Humanoid Market Right Now
This article collects only the points that are changing the robot/AI landscape “right at this moment.”
① Why China’s EngineAI “T800” combat-level performance is both a warning sign and an opportunity
② Why the “Isn’t this CG?” controversy keeps repeating—and the real reason companies release “making films”
③ Why the “running” shown by Tesla Optimus and Figure is a turning point for industrial robots
④ What changes the moment robot influencers become “economic actors” (= revenue, insurance, law, liability)
⑤ And a separate整理 of the “truly important core (commercialization/regulation/value chain)” that other YouTube/news rarely explain
1) Today’s Key News Briefing: A “Combat-Level Humanoid” Stepped in Front of the Public
1-1. The Star: Chinese Startup EngineAI’s Humanoid “T800”
In the original text, the T800 demonstrates high-difficulty full-body coordination moves such as a “540-degree spinning kick,” “jump kick,” and “b-boy moves.”
With a height of about 175 cm and a weight of about 75 kg, the message hits harder because it’s a “humanoid close to a human weight class.”
A torque (joint driving force) spec is mentioned at around 450, but more important than the number itself is that “high-output actuation + balance control + fast motion planning” are working together at the same time.
1-2. How Companies Respond to the “Isn’t This CG?” Controversy: Making Films, Live Tests
These days, whenever a Chinese robot video comes out, CG/compositing suspicions tend to follow.
So companies also release making films (shooting sites, test processes), and this should be seen not as a simple explanation but as a trust-building device aimed at “investment/customers/government procurement.”
However, as the original text also notes, the possibility of “cherry-picking (only releasing the best cut out of dozens of tries)” always exists.
In other words, videos can prove technical capability, but “reproducibility” and “continuous operation (20 minutes to several hours) endurance” are separate issues.
1-3. Autonomy or Script Playback: What the “Tablet Operator” Implies
The original text gives one key clue.
A person controlling things with a tablet keeps appearing next to it.
This suggests that many humanoid demos are still likely at the stage of building a “behavior library/imitation learning” and executing it via commands.
True industrial “Physical AI” must reliably connect environment perception → decision-making → action end-to-end, and that barrier is still high.
2) Comparative News: The Meaning of “Running” Shown by Figure and Tesla Optimus
2-1. Figure: The Center-of-Mass Shift Looks Human-Like During Acceleration/Deceleration
In slow motion, the pattern of the upper body leaning forward during acceleration and leaning back during deceleration is a sign that “dynamic stabilization” has improved quite a bit.
Walking and running differ in difficulty; running sharply increases control difficulty because there are moments when both feet are off the ground at the same time.
2-2. Tesla Optimus: What the Heel-to-Toe Running Pattern Symbolizes
The original text mentions heel-to-toe running that goes from “heel → toe.”
This matters not just because “the form looks natural,” but because it directly impacts shock absorption, energy efficiency, joint protection, and stability during continuous motion.
Humanoids ultimately must enter factories/logistics/service sites, and those environments vary widely in floor conditions, slopes, and obstacles—so “mobility stability” directly determines commercialization speed.
2-3. The Pace of Progress Compared to Videos from Two Years Ago: Robotics’ “Diffusion Phase”
Two years ago, awkward and slow walking was a target of ridicule; now running/jumping/spinning motions show up as demos.
This phase often appears as a diffusion pattern when technology moves from “lab showcase → productization competition.”
From here, supply chain, cost, and manufacturability become the battleground as much as performance does.
3) Incident News: The Ripple Effect of a Scene Where a “Robot Influencer” Filed a Complaint
3-1. Not Just a Happening—A Signal That “Robots Have Become Revenue-Generating Assets”
According to the original text, the famous streamer iShowSpeed hit or damaged a robot influencer (referred to as “Rizz”),
and a complaint was pursued on the grounds that damage to visual/auditory sensors and ports prevented business activity (content production), causing losses.
This is important because it means robots are starting to be treated not as “toys,” but as “revenue devices.”
From this moment, robots enter domains such as accounting assets (depreciation), insurance (device insurance/liability), contracts (rental/appearance), and legal responsibility (damage/safety).
3-2. Issues That Will Grow: “If You Hit a Robot, Is It Property Damage? Business Interference?”
Because it’s a case of damaging “equipment that generates revenue,” not injuring a person,
similar cases going forward will hinge on damage calculations (repair cost + downtime revenue loss), safety management duties, and contract clauses for filming sites.
As robots commercialize, these disputes will increase.
4) Reinterpreting from an Economic Perspective: The Real Impact the Humanoid Boom Has on the “Global Economy”
From here, I’ll summarize the points that investors/companies/policymakers should look at from an economic blog perspective.
I also naturally incorporate important SEO keywords in the text: interest rates, inflation, recession, exchange rates, real estate
4-1. Humanoid Commercialization Doesn’t Just Affect “Labor Costs”—It Hits the “Production Function”
Leaving aside the debate of whether they replace humans or not,
if humanoids can perform a certain level of work reliably, the company’s production possibility curve itself changes.
In countries with rapid aging (including Korea), this can be a card that eases labor supply constraints.
4-2. Conditions Under Which Robot Adoption Accelerates in an Interest-Rate/Inflation Environment
When interest rates are high, companies become conservative about CAPEX (capital expenditure),
but at the same time, if inflation raises labor/operating costs, automation ROI can improve sharply.
So it’s not “high rates = always bad news”;
the moment robots cross a threshold versus humans in cost/safety/quality, there are phases where adoption jumps instead.
4-3. Exchange Rates Determine the Robotics Industry Value Chain
Core humanoid components (reducers, motors, batteries, sensors, computing boards, cameras/lidar, etc.) span a global supply chain.
Exchange-rate fluctuations shake both component costs and export competitiveness.
In particular, if Chinese companies aggressively cut prices, firms in other countries must either go “premium (safety/trust/service)” or specialize in specific industry verticals.
4-4. Sectors Where Robots Hold Up Even in a Recession Scenario
In a recession, overall investment sentiment weakens,
but logistics/distribution automation, manufacturing quality control, substitution for hazardous work (tightening safety regulations), and defense/public safety often retain budgets relatively well.
Especially in sites with high “accident costs” (distribution centers, construction, plants), robots can be adopted not for simple productivity but for “risk cost reduction.”
4-5. It Also Connects to Real Estate: Structural Shifts in Demand for Logistics Centers and Smart Factories
As humanoids/automation spread, the design of logistics centers and factories changes.
As factors like circulation paths, ceiling height, flooring materials, charging infrastructure, safety zones, and network coverage become more important,
assets equipped with smart logistics infrastructure are likely to earn a relative premium.
5) The “Most Important Content” Others on YouTube/News Often Miss (Key Points Separately Summarized)
5-1. “Combat Demos” Are Marketing, but the Real Battlefield Is “Duty Time” and “Failure Rate”
Enterprise customers look at this, not flashy kicks.
How many hours it lasts on battery, how safely it recovers after falling, what the joint/gearbox lifespan looks like, whether thermal management works.
If these metrics aren’t disclosed, the video may be powerful, but it’s hard for it to turn into contracts.
5-2. “End-to-End Autonomy” Is Still Far Off, and for Now “Semi-Autonomous + Remote” Makes Money
As hinted by the tablet operator,
early commercialization is most realistically a combination of “remote operation + partial autonomy (safety/balance/basic motions),” not full autonomy.
Companies that make money here will end up collecting data (real on-site data),
and that data may create a virtuous cycle that raises autonomy performance again.
5-3. The Essence of the Robot Influencer Incident: When “Robots = Media Channels,” Valuation Changes
The moment robots don’t make money only in factories,
but also make money through content/advertising/event appearances, the “economic value of the robot” exceeds the hardware price.
From then on, metrics like followers, views, and brand sponsorship rates get reflected in robot valuation.
In other words, “Physical AI” expands beyond manufacturing into the media/advertising market as well.
5-4. The Next Regulatory Point Isn’t “Violence,” but “Safety Certification and Liability Attribution”
When combat motions go viral, emotional reactions like “it’s dangerous” come first,
but real-world regulation is usually organized around industrial safety standards, on-site liability attribution (operator/manufacturer/software supplier), and insurance systems.
In the end, what opens the market is not performance but “certification/liability/maintenance systems.”
6) The Next 6–12 Months Checklist: Humanoid/Physical AI Trend Outlook
6-1. From Demo Competition → Pilot Contract Competition
Now, rather than “it ran/it kicked,”
the battleground becomes which factories/logistics/retail sites each company has secured pilots with.
6-2. The Winner Is Decided Not by “Hardware” but by the “Operating System (Service/Data/Remote Monitoring)”
Once deployed on-site, failures, obstacles, and edge cases are 90%.
Remote monitoring, OTA updates, parts replacement lead time, and maintenance SLAs are what earn trust.
6-3. As China-Driven Price Pressure Grows, Korean Companies’ Opportunity Lies in “Specific Industry Specialization”
Going head-to-head with general-purpose humanoids will be tough.
Instead, specialization in high-difficulty sites like semiconductors/secondary batteries/displays/hospitals/nursing care/plants offers big opportunities.
< Summary >
EngineAI T800’s combat-level motions show that “robot whole-body control has surged.”
However, the presence of a tablet operator suggests many demos may still be in a “semi-autonomous/script playback” stage.
Figure and Tesla Optimus’s running is a signal that mobility stability is the key to commercialization.
The robot influencer complaint incident is a turning point where robots enter as “revenue-generating economic assets.”
The real competition is decided not by flashy demos, but by duty time, failure rate, safety certification, and responsibility/insurance/maintenance systems.
[Related Posts…]
- Humanoid Robot Commercialization: The Structure That Makes Money in Manufacturing and Logistics Sites
- Tesla Optimus Update Roundup: The Next Step in the Physical AI War
*Source: [ 월텍남 – 월스트리트 테크남 ]
– 와..진짜 이번 로봇은 차원이 다르네요..ㄷㄷ
● Broadcom Boom, Stock Bloodbath After AI Hype Peak
Broadcom (AVGO) “Earnings Were Insane but the Stock Crashed” — What It Really Means: The AI Semiconductor Rally Is Entering a More Dangerous Phase
Today’s post includes the following.
Why Broadcom plunged intraday even though EPS/revenue/AI growth were all “surprises.”
Whether what truly scared the market was the timing of OpenAI-related revenue, or valuation (already priced in).
And how this issue could spill over across AI-related stocks like NVIDIA and AMD.
Lastly, I’ll separately organize the points that matter more to investors—things the news rarely emphasizes.
1) One-line summary of today’s news (market reaction)
Broadcom jumped as much as +4% right after earnings, then plunged to -5% as the earnings call/guidance was interpreted—breaking the “strong earnings = stock up” formula.
This pattern has become a typical move repeatedly seen lately in stocks where AI expectations have piled up excessively.
2) If the results were “genuinely great,” why did the stock fall?
2-1. Looking only at the numbers: Yes, it was a surprise
EPS beat expectations (1.87 dollars) with actual results (1.95 dollars).
Revenue also came in around 18.0B dollars, above Wall Street expectations (often referenced around ~17.4B dollars), which can be summarized as +28% year-over-year growth.
AI-related revenue—the key—grew +74% quarter-over-quarter, and management even mentioned the possibility of nearly +100% growth next quarter, so the “AI drive” looked excellent.
2-2. Yet it still crashed: 3 triggers the market focused on (from the earnings call)
(1) “OpenAI-related revenue may not be large even in 2026”
The market had big expectations around a massive OpenAI data center buildout (on the order of 10GW) plus Broadcom’s custom-chip deployment.
But the CEO’s comments sounded like “even in ’26, the revenue contribution may not be big,” and for investors that translates roughly into this:
“Even if the backlog is large, if revenue recognition timing keeps getting pushed out, it’s hard to push the stock higher right now.”
(2) More AI systems (full-package) sales → near-term margin decline
The CFO mentioned that Q1 gross margin could fall by about 1 percentage point.
This isn’t just “1%”; what the market reacted to is the signal that “as AI exposure grows, margins may not necessarily improve—component costs (HBM, etc.) can come along and make margins wobble.”
In particular, HBM value tends to accrue more to memory players like SK Hynix, while Broadcom could see margin pressure in the “package/system” layer—an interpretation that gained traction.
(3) The deciding blow was ‘valuation (priced in)’
Even with strong results, if the stock has already pulled too much of the future forward (i.e., P/E burden), even small uncertainties can trigger a sharp selloff.
In the original context, Broadcom’s forward P/E was cited around ~49–50x, which was also relatively heavy versus NVIDIA (~30s) and AMD (~40s).
In other words, it’s less “the earnings were bad” and more “the price was one that only holds if everything is perfect.”
3) Why the structure resembles Oracle (ORCL)’s plunge
Oracle also swung hard on the fear that “there are lots of orders/contracts, but they aren’t showing up as revenue.”
Broadcom is the same: “contracts, backlog, and expectations” are large, but what investors want now is not a dream—it’s cash flow/revenue recognition.
In a high-rate environment, the market especially values “money this quarter/next quarter” more than “money someday.”
The key SEO linkage here is that the higher interest rates are, the more easily growth-stock valuations can get shaken.
4) Reframing Broadcom’s business structure from an “AI investor” perspective
4-1. Two revenue engines: Semiconductors (~70%) + Infrastructure software (~30%)
Semiconductor solutions are the center of growth, and AI is exploding within that segment.
Infrastructure software acts as a highly cash-generative stabilizer (with very high margins).
This combination makes Broadcom look not like a simple semiconductor company, but a “hardware + software hybrid cash machine.”
4-2. AI core: Custom ASIC (made-to-order semiconductors) + data center networking
Broadcom’s AI strength is less about “replacing GPUs” and more about custom ASICs optimized for what Big Tech wants.
Big Tech can also go directly to TSMC on its own, but in many cases they still “co-design + turnkey package” with a company like Broadcom that has deep data center optimization experience.
And networking is an easy-to-miss point in the market.
AI bottlenecks are not just chip performance, but “scale-out” across interconnected data centers.
Broadcom supplies the full stack needed for data center connectivity—network switches (e.g., Tomahawk series), Ethernet/PCIe, DSP, and more.
So as AI demand grows, not only “compute chips” but also “connectivity infrastructure” grows alongside it—and Broadcom is strong in that area.
4-3. Why software (especially VMware) matters
VMware was like a standard for virtualization/resource allocation in data centers.
For Broadcom, it means securing a layer that can elevate data center operations into “software-defined” on top of its networking/hardware base.
The margin structure is also strong (ultra-high margin), and it becomes a revenue stream with more defensiveness than semiconductors through economic cycles.
That’s why AVGO is evaluated not as a simple AI theme stock, but as a portfolio company.
5) The signal this drop sends to the broader AI stock universe (important)
This incident is less “AI is rolling over” and more a signal that as AI investment moves to the next stage, the market’s evaluation criteria are changing.
Now,
① AI revenue growth rate alone isn’t enough, and you must also clear,
② when that revenue is recognized (timing),
③ whether margins improve alongside it (profitability),
④ whether valuation has already priced it in
—all four at the same time for the stock to hold up.
Here, especially high-valuation AI names in the U.S. stock market can see volatility spike on even small comments.
6) The “most important points” that other news/YouTube relatively underemphasize
Point A: What the market truly feared wasn’t ‘OpenAI risk’ but ‘revenue recognition delay risk’
It’s easy for this to drift into gossip about whether OpenAI is fine, but what investors are more sensitive to is “even if a mega project exists, when does it actually print in quarterly results?”
AI infrastructure has a long CAPEX cycle, and data centers are prone to schedules slipping due to power, permitting, and construction delays.
In other words, the essence of uncertainty isn’t who the customer is—it’s “when do construction/deployment schedules show up as reported results?”
Point B: ‘Expanding AI system sales → margin decline’ could be temporary—or structural
As full-package AI offerings grow, revenue grows, but margins can get squeezed as component/procurement costs rise.
If this is temporary (early adoption/bundling phase), the selloff becomes an opportunity,
but if it’s structural (the more hardware-heavy it becomes, the lower-margin it gets), Broadcom’s premium P/E itself may be re-rated.
From next quarter onward, what matters more than “AI revenue growth rate” is “the profit contribution of the incremental AI revenue.”
Point C: The AI market is shifting from a ‘growth stock’ story to a ‘cash flow/valuation game’
In a high-rate environment, valuation overwhelms everything.
So even with strong earnings, if guidance isn’t “perfect,” stocks fall; conversely, even if the numbers are average, if guidance is clear, stocks rise.
This flow is likely to keep applying across the broader AI semiconductor space (including the NVIDIA ecosystem).
7) What to watch next (investor checklist)
1) In next quarter’s guidance, how customer/product mix within AI revenue changes.
2) Whether the gross margin decline is one-off, or repeats as system mix expands.
3) Whether custom ASIC backlog remains just a “big number,” or converts into quarterly revenue in a regular way.
4) For the stock to rise again, whether it needs a zone where the valuation (forward P/E) burden eases more than stronger results.
5) Whether the AI infrastructure investment cycle becomes more volatile as it intersects with rates/the economy (= macro variables).
< Summary >
Broadcom delivered strong EPS/revenue/AI growth, but it dropped sharply as the earnings call combined a nuance that “OpenAI-related revenue recognition may be delayed” with “margin decline due to expanding AI systems.”
The core issue isn’t weak results, but that at an excessively expensive valuation, small uncertainty became the trigger.
This move reads as a signal to the broader AI space: “Now you must prove not just growth rate, but revenue timing, margins, cash flow, and P/E all at once.”
[Related posts…]
- Broadcom (AVGO) Custom ASICs and Data Center Networking: Where Is the Real Money-Making Segment?
- Investment Points in OpenAI’s 10GW Data Center Project: From Power and Infrastructure to the Semiconductor Supply Chain
*Source: [ 월텍남 – 월스트리트 테크남 ]
– 미친실적인데 왜 폭락..? 상당히 불길합니다. AI관련주 초비상?
● Nationwide Data Heist, Coupang-Netmarble-Upbit Fallout
Why “Everyone Got Stripped Clean” Is Not an Exaggeration: 10 Things That Must Change Starting Today After the Coupang, Netmarble, and Upbit Incidents
In this post, I organized it like this.
In Coupang’s 33.7 million-user leak, what the “truly scary points (delivery address book, front-door passcodes, even other people’s info)” actually are.
Why Netmarble’s 37 million-record leak drew the phrase “a total mess” (data governance collapse).
Why Upbit’s 44.5 billion KRW theft shouldn’t be treated as lighter than personal-data leaks (nation-state-grade attacks / money-laundering patterns).
And a realistic response checklist individuals can act on immediately (phishing/smishing, accounts, finance, and even a family security passphrase).
Lastly, I separately pulled together and summarized “the most important essence” that the news doesn’t talk about much.
1) Today’s Issue Briefing (News-Style Summary)
1-1. Coupang: 33.7 Million Users Leaked—Not Just “My Info,” but Also “Other People’s Info I Saved” Gets Shaken
The officially disclosed leaked items are summarized as name, email, phone number, delivery address book, and the most recent five order details.
The problem is that the “delivery address book” isn’t just my home address.
It can be bundled with my parents’ address, a friend’s gift address, recipient phone numbers, and shared-entry access information (front-door passcodes/entry instructions).
In other words, if one account is compromised, the “other people stored” in that account are exposed together—that was the structure.
As for the cause, rather than an external hack, the key point being mentioned is an internal control failure: “a resigned employee’s account/permissions (auth key) remained and kept working.”
Put simply, it’s close to a case where someone resigned but the “master key” wasn’t returned/expired properly.
1-2. Netmarble: 37 Million Records (About 6.1 Million People + Massive Inclusion of Dormant Accounts), Beyond a “Security Incident” to a “Data Management Collapse”
For Netmarble, the main leaked items discussed are ID/Name/Date of Birth/Encrypted Password.
The reason the number grew larger is the context that “dormant account data (in bulk)” got mixed in, swelling it to 37 million records.
But the bigger problem is that “the leak scope is too chaotically broad.”
Pre-2015 PC bang (partner store) information, some current/former employees, customer service inquirers, job applicants, event visitors, B2B contacts, etc.
Rather than one place getting breached, it gives the impression that “data scattered everywhere, not even properly organized,” was left in a state where it could be accessed.
This isn’t something solved by simply installing more security solutions; it’s a form where data governance itself (retention/disposal/segregation) has collapsed.
Additionally, a trend of reduced security investment (e.g., decrease from 2021→2023) is also mentioned, but
the important point is that the “investment amount” itself isn’t the essence; what matters more is “where it was spent (an optical illusion where costs like legacy server replacement get counted as security investment).”
1-3. Upbit: A 44.5 Billion KRW Case Where “Money (Assets)” Was Stolen, Not Personal Data—The Pattern Suggests Possible Nation-State-Grade Attacks
Upbit is summarized not as a personal-data leak but as a theft totaling about 44.5 billion KRW in customer/company assets (customers 38.6 billion + company 5.9 billion).
It occurred in a hot wallet (an online-connected wallet), and signs are mentioned that it was distributed across many coins (about 24 types).
On the response side, it is evaluated relatively positively that they acknowledged “it’s our fault” and quickly announced a full reimbursement policy for customer losses.
However, similar money-laundering (mixing) patterns to the past (the major 2019 theft), and flows of moving funds to other exchanges are discussed, and
while the possibility of organized attacks such as from North Korea is mentioned, there is also a counterpoint that the “North Korea” frame is a common variable that muddies investigations.
2) The Real Damage Scenarios These Leaks/thefts Create for Us
2-1. “Sophisticated Smishing/Voice Phishing” Levels Up
In the past, spam was blasted to random masses and profited if it caught someone,
but now, contextual information like “what you bought on Coupang yesterday” gets attached, and credibility shoots way up.
People get tricked not because the link is sophisticated, but because they gain the conviction that “the other side knows me.”
2-2. Targeting Vulnerable Groups Becomes Easier (Fuel for Crime)
When personal data + purchase/usage patterns combine, it becomes “targeting” of who is vulnerable to which scams.
Loan/insurance fraud, “leader rooms” (stock/crypto tip groups), sexual-crime grooming, drug grooming—all have grown in inflow through online messages,
and leaked DBs become the fuel for that crime marketing.
2-3. A Structure Emerges Where “My Family/Friends Get Hit Together Without Me Even Knowing”
As in the Coupang case, if my account address book contains my parents’/friends’ information,
they can be affected by the leak even if they never signed up for Coupang.
This amplifies the fear people feel even more.
3) A ‘Practical Response’ Checklist Individuals Should Start Today (Realistic Version)
3-1. Account Security: “No Password Reuse” Is Priority #1 Over “Password Strength”
Stop reusing the same password immediately.
In particular, shopping/gaming/exchange/telecom-related accounts should be treated as the highest priority.
If possible, use a password manager and set completely different passwords per service.
3-2. Two-Factor Authentication (2FA): Prefer Authenticator Apps/Passkeys Over SMS
SMS authentication becomes riskier when combined with SIM/text-related attacks.
If possible, apply authenticator apps (TOTP) or passkeys first.
Start with crypto exchanges, email, cloud, and financial apps.
3-3. Link-Clicking Rule: “Click Nothing—Open the App Directly to Verify”
Texts about Coupang/delivery/events/refunds/account locks will become even more convincing going forward.
Treat text-message links as essentially blocked at the source,
and verify not through the “link provided in the text,” but by “opening the app/official website directly.”
3-4. Family Security: Set a “Passphrase” (It Looks Like a Joke, but It’s Now Essential)
Once AI voice synthesis is added, “verifying by voice” increasingly loses meaning.
Within families, it’s good to set a passphrase that must be confirmed in urgent requests (transfer, proxy payment, kidnapping, accident).
3-5. Clean Up the Delivery Address Book: Don’t Let My Account Become a ‘Friends-and-Family DB’
Inspect the delivery address lists in services like Coupang and delete unnecessary third-party information.
In particular, prioritize items with high abuse value, such as old addresses, shared-entry information, and recipient phone numbers.
3-6. Financial/Credit Defense: Make Identity-Theft Monitoring “Always-On”
Leaks often erupt “not right now” but “months to years later.”
If possible, turn on credit inquiry alerts, identity-theft detection, and account/card suspicious-transaction alerts.
(In this area, the defense individuals can do is bigger than you might think.)
4) Key Points to See from a Corporate/Policy Perspective (Economic/Industry Reinterpretation)
4-1. This Isn’t Just an IT Incident; It’s a “Rising Trust Cost”
When security incidents repeat, a company’s customer acquisition cost (CAC) rises and churn increases.
Eventually it leads to increased marketing spend → deteriorating profitability, and in the long run it eats into the growth of the platform economy itself.
If the market reflects this, it also increases pressure on corporate value (valuation).
4-2. ‘Zero Trust’ Is Not Technology but an Operating Habit (Especially the Offboarding Process)
What the Coupang case shows is that “automating permission revocation for resigned employees” is the basic infrastructure of enterprise security.
The more people there are (large enterprises/platforms), without this automation, the probability of incidents increases exponentially.
Zero trust isn’t a fancy slogan; it’s an operating system that keeps permissions short, small, and continuously re-verified.
4-3. Security Investment Disclosure Is Meaningless with “Amount” Alone (Structural Limits)
Expanding security disclosures is the right direction,
but amount-only disclosure doesn’t reveal “actual security maturity.”
Items like data segregation/disposal/access control, key management, log auditing, and offboarding automation must be viewed together.
4-4. Global Standard: 1–2% of Revenue in Security Investment + Strong Compensation/Fines When Incidents Occur
Overseas big tech/financial firms view security not as a cost but as R&D/risk management.
In Korea too, unless the regulatory/compensation framework shifts from “followed the guideline, so immunity” to “substantive responsibility,”
the likelihood that similar incidents will keep repeating is high.
5) The “Most Important Content” That YouTube/News Relatively Talk About Less
The key is not “technology that prevents hacking,” but cutting off “the structure where damage explodes after a leak.”
Until now in Korea, even when security incidents happened, the secondary harms individuals felt (scams/identity theft/financial loss) were scattered as “every person for themselves.”
So companies and society alike became numb, thinking “leaks have always existed.”
But when “real-life intrusion data” like order history/address books/entryway information gets combined like this,
and AI voice synthesis/sophisticated phishing also get added, the damage spreads not at the individual unit but across “households, organizations, and transactional relationships.”
So going forward, the goal of security must change from simply “no intrusion” to
a structure that minimizes damage propagation assuming intrusion (least privilege, segregated storage, offboarding automation, immediate anomaly blocking).
This ultimately connects directly to corporate competitiveness (trust) and becomes the economic infrastructure that prevents digital transformation from stalling.
< Summary >
Coupang increased the risk of phishing sophistication because delivery addresses/order information were leaked due to failed management of resigned-employee permissions.
Netmarble’s core issue is a data governance collapse “before security,” because the leak scope is diffusely broad.
Upbit involved theft of 44.5 billion KRW in assets instead of personal data, and the possibility of nation-state-grade attacks/money-laundering patterns is discussed.
For individuals, an immediate need is to stop password reuse, enable 2FA (authenticator apps/passkeys), block text-message links, set a family passphrase, and clean up delivery address books.
The most important essence is that operations across society and companies must shift not only to “prevent intrusion,” but to structures that stop post-leak damage from spreading.
[Related Posts…]
- Why Incidents Happen Even If Security Investment Increases: Why Zero Trust Is “Operations”
- Phishing·Smishing 2026 Latest Trends: A Personal Survival Checklist in the Age of AI Voice Synthesis
*Source: [ 티타임즈TV ]
– 전국민이 털렸다, 우리는 어떻게 대처해야 하나?
