In a troubling development for its customers, SK Telecom (SKT) has confirmed a significant data breach involving the leakage of some subscriber SIM (USIM) information, raising concerns about potential fraud and identity theft. The incident, which occurred on April 19, 2025, at approximately 11 PM, was the result of a malicious code attack that compromised the company’s internal systems. This breach marks the first known instance of SIM-related information being leaked in South Korea, prompting heightened anxiety among users.
According to SKT, the leaked data is believed to include critical information such as the mobile subscriber identification number (IMSI) and the device unique identification number (IMEI). While the company reassured customers that sensitive personal information—such as names, resident registration numbers, addresses, and emails—was not part of the leak, the implications of the compromised SIM data are still serious. The IMSI is crucial for authenticating subscribers on mobile networks, and in the wrong hands, it could facilitate unauthorized access to users' accounts.
"We detected a situation on the night of April 19 where some customer SIM-related information was leaked due to malicious code. We are currently investigating the exact cause, scope, and items of the leak," SKT stated. The company has since taken immediate action to mitigate the damage, including reporting the incident to the Korea Internet & Security Agency (KISA) and isolating the affected systems.
As concerns about SIM swapping—the practice of fraudulently transferring a victim's phone number to a new SIM card—grow, SKT is urging its customers to subscribe to a free SIM Protection Service. This service is designed to prevent unauthorized use of SIM cards by blocking device changes and restricting overseas roaming services. "This service will help protect our customers from potential unauthorized access to their accounts," the company emphasized.
SIM swapping has become an increasingly common method for cybercriminals to commit fraud. According to the FBI, reports of SIM swapping incidents surged by over 400% from 2018 to 2021, resulting in total losses estimated at $68 million (approximately 93.6 billion won). The fear is that hackers could use the leaked IMSI and IMEI numbers to create duplicate SIM cards, potentially allowing them to intercept calls, messages, and even access sensitive accounts.
Despite the leak, industry experts believe that the likelihood of immediate SIM duplication is low without additional personal information. One security specialist noted, "For duplication to occur, a hacker would typically need not just the IMSI and IMEI but also personal details like names, addresses, and service center numbers." Thus far, SKT has confirmed that such personal information has not been compromised.
However, the possibility of a SIM swap attack remains a source of anxiety for many users. If a subscriber’s SIM is successfully duplicated, the original device may lose connectivity, effectively rendering it useless. This scenario could serve as a warning sign for users to investigate potential fraud. The hackers involved in previous SIM swapping incidents often executed their attacks during late-night hours to avoid detection.
In response to the breach, SKT has implemented additional security measures to prevent illegal SIM changes and abnormal authentication attempts. The company is conducting a thorough investigation of its systems and has committed to enhancing its security protocols to protect customer information. SKT's CEO, Yoo Young-sang, has emphasized the importance of prioritizing customer security and has urged internal teams to conduct comprehensive security checks.
For those concerned about their SIM security, SKT recommends activating a SIM PIN through their smartphone settings. This additional layer of security can help prevent unauthorized changes to a user's SIM card. Users can easily set this up by navigating to their device's security settings and enabling the SIM card lock feature. For Android devices, the path is typically found under Settings > Biometrics and Security > Other Security Settings > SIM Card Lock. For iPhone users, the process involves going to Settings > Cellular > SIM PIN.
While the situation is still developing, SKT has not reported any confirmed cases of secondary damage or misuse of the leaked information as of now. The company continues to monitor the situation closely and is prepared to respond swiftly to any signs of fraud. Additionally, SKT is offering its customers the option to replace their SIM cards altogether, which would render any potential duplicates useless. However, the necessity of such a measure is still under consideration based on the ongoing investigation.
As the telecommunications industry grapples with the implications of this breach, it serves as a stark reminder of the importance of cybersecurity in protecting consumer information. With hackers increasingly targeting mobile networks, both companies and users must remain vigilant against potential threats.
In conclusion, while SKT has taken steps to address the breach and protect its customers, users are encouraged to remain proactive about their mobile security by utilizing available protective measures. The situation underscores the critical need for ongoing vigilance in the face of evolving cyber threats.
