SK Telecom, South Korea's leading mobile carrier, confirmed on April 22, 2025, that it experienced a hacking attack resulting in the potential leakage of user USIM (User Subscriber Identification Module) information. The company reported the incident to relevant authorities, including the Korea Internet & Security Agency (KISA) and the Personal Information Protection Commission, immediately after discovering the breach on April 19, 2025, at approximately 11 PM.
In a statement, SK Telecom explained that malicious code had infiltrated its internal systems, leading to concerns about the unauthorized access of subscriber data. Although sensitive personal information such as names, addresses, and financial details has not been compromised, the leaked information includes unique identifiers such as subscriber and device identification numbers, which could potentially be misused for fraudulent activities like creating illegal SIM cards.
The Ministry of Science and ICT is taking the situation seriously, having established an emergency response team to investigate the incident's cause and the extent of the damage. They are also conducting an on-site investigation at SK Telecom's headquarters in Jung-gu, Seoul, to better understand the breach.
SK Telecom acted swiftly upon recognizing the potential for a data leak. They immediately deleted the malicious code and isolated the suspected hacking equipment. The company has stated that they are currently assessing the scope of the leaked information, but they have confirmed that names, resident registration numbers, and emails are not stored on their servers, thus reducing the risk of serious personal data breaches.
As the investigation unfolds, officials have expressed that the potential misuse of the leaked USIM data is a concern. If such information falls into the wrong hands, it could lead to identity theft or telecom fraud, including the opening of accounts with fraudulent identities.
According to a spokesperson from the Ministry of Science and ICT, "We are conducting a thorough investigation to determine the nature of the leaked data and the potential impact on users. We will act quickly to mitigate any damage and ensure that no further breaches occur." The spokesperson noted that the investigation is still in its early stages, and various possibilities, including software vulnerabilities or supply chain attacks, are being considered as potential causes of the breach.
In light of this incident, SK Telecom is enhancing its security measures to prevent illegal modifications of USIM cards and unauthorized authentication attempts. They have also pledged to notify users immediately if any signs of damage or misuse are detected.
Furthermore, for customers who wish to enhance their security, SK Telecom is offering a free USIM protection service through their website and T World platform. This initiative aims to reassure users and provide them with additional security options in the wake of the incident.
While no confirmed cases of misuse of the leaked information have been reported to date, the company is taking no chances. They are committed to conducting a full investigation of their systems and implementing corrective measures if any security weaknesses are identified during the inquiry.
The Personal Information Protection Commission is also involved in the investigation, emphasizing the importance of compliance with privacy laws. They will assess whether SK Telecom adhered to all necessary safety protocols and regulations regarding data protection. Should any violations be found, the commission has indicated that they will impose strict penalties as per the law.
Historically, incidents of data breaches within South Korea's telecommunications sector have raised significant concerns. In January 2023, a hacking attack on LG Uplus led to the exposure of personal data of nearly 300,000 customers, prompting regulatory scrutiny and hefty fines. Similarly, KT Corporation faced massive breaches in previous years, underscoring the ongoing vulnerabilities within the industry.
As SK Telecom navigates this challenging situation, they are determined to reinforce their security infrastructure to safeguard customer information and prevent future incidents. The company has stated, "We apologize for any distress this may have caused our customers and are committed to enhancing our security systems to protect their information better."
With approximately 23 million subscribers, the impact of this breach could be significant, depending on the investigation's outcomes. As the situation develops, both the company and government authorities remain vigilant in monitoring the situation and ensuring that user data is protected from further threats.
In summary, while the immediate threat appears to have been contained, the repercussions of this hacking incident could resonate throughout the telecommunications sector, prompting a reevaluation of security practices and policies to better protect consumer information in the future.
