SK Telecom systems breached in cyberattack
SK Telecom, the country's largest telecommunication firm, confirmed Tuesday that its internal systems had been breached by a hacking attack, indicating a possible data leak involving USIM cards.
The company said it had reported the case to the Korea Internet & Security Agency, adding that there have been no confirmed cases of the leaked information being misused.
The mobile carrier detected suspicious activity around 11 p.m. on Saturday, indicating that hackers had infiltrated its internal systems and installed malware. Upon detection, the company said it immediately removed the malware, isolated affected equipment and launched a full-scale investigation across its systems.
As a precautionary measure, the company is also reinforcing its defense against illegal USIM swaps and abnormal authentication attempts. The company said it will also offer a USIM protection service free of charge to customers upon request.
"We will strengthen our company-wide security system to prevent recurrence and implement measures to restore customer trust," SK Telecom said in a statement.
Following the incident, the Ministry of Science and ICT and KISA have launched an investigation into the scope and cause of the data breach, while also forming an emergency response team.
"We have requested that SK Telecom preserve and submit relevant data related to the breach, and KISA experts have been dispatched to the site to provide technical support aimed at identifying the cause and preventing further damage," the ICT Ministry said.
If the incident is deemed a violation of Article 29 of the Personal Information Protection Act, which mandates implementation of security measures, SKT could face legal sanctions. Under Article 64-2 of the Act, fines of up to 3 percent of the related revenue may be imposed.
If the breach is deemed minor, authorities may opt to impose an administrative fine rather than pursue harsher penalties.
Under the Enforcement Decree of the Personal Information Protection Act, leaks involving over 1,000 records can result in fines of up to 50 million won ($35,200), with the amount adjusted based on the nature and severity of the violation.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Korea Herald
26-05-2025
- Korea Herald
After SKT data hack, no. of malicious apps trying to hack devices spikes
Increasing number of hacking apps pretend to be Korea Consumer Agency, suspected to be 'organized distribution' South Korea is seeing an increasing number of malicious mobile applications disguised as state or private consumer rights agencies, in the aftermath of a massive hacking attacks against SK Telecom. Local cyber security company Everspin said Monday that its Fake Finder service that detects malicious apps has found a substantial increase in programs distributed under pretense of helping consumers, who were affected by the recent data breach made public on April 22. Detections of fake apps falsely named the government-affiliated Korea Consumer Agency had been fluctuating to peak at just under 400 times in April, but the number spiked as high as 671 times between May 11 and May 18. The fake apps used in voice phishing in which victims are told their devices have been hacked via phone and text message, and are encouraged to install the malicious applications as a remedy. The attacks involve fake apps, including one carrying the name of SK Shielders, a cybersecurity company that is part of the SK Group and controlled by the SK Telecom. According to Everspin, four different malicious fake apps have been used to illegally obtain personal information, one of which was designed to intercept calls made to financial authorities and police. "Apps similarly named to (actual companies and government agencies) have been consistently detected in the past, but the recent numbers clearly indicate an organized distribution riding on a certain social issue," the security company said. IIn one of the largest consumer data breach cases in Korean history, SK Telecom's systems have been breached by yet-unidentified group of hackers since June of 2022. It is thought that 9.82 gigabytes of sensitive SIM-related data related to well over 20 million users have been stolen by the hackers.
Korea Herald
26-05-2025
- Korea Herald
Investigation into SK Telecom data breach expands to KT, LG Uplus: sources
A joint government-private investigation team looking into SK Telecom Co.'s recent large-scale data breach has extended its probe to the servers of two other major mobile carriers, KT Corp. and LG Uplus Corp., but found no signs they have been compromised, industry sources said Monday. Initially, the team had asked local telecommunications and platform companies to conduct their own cybersecurity inspections. However, the approach was revised last week amid growing concerns that hackers using BPFDoor malware variants may have also targeted other South Korean mobile carriers, according to the sources. Following the expanded investigation, no traces of hacking activity have yet been found on the servers of KT or LG Uplus, they added. In a media briefing last week, the investigation team revealed interim findings indicating that 25 malware variants had been discovered on 23 servers belonging to SK Telecom. These included 24 variants of the BPFDoor malware and one variant of WebCell. Two of the affected servers had been used as temporary storage for personal data, such as names, birthdates, phone numbers and email addresses, as well as international mobile equipment identity data. The IMEI is a unique identifier for each device on a network and could potentially be exploited in financial transactions. SK Telecom discovered the breach April 18. (Yonhap)
![[Exclusive] No agents' phones affected by SKT hack to date: NIS](/_next/image?url=https%3A%2F%2Fwimg.heraldcorp.com%2Fnews%2Fcms%2F2025%2F05%2F22%2Frcv.YNA.20250520.PYH2025052011090001300_T1.jpg&w=3840&q=100)
Korea Herald
22-05-2025
- Korea Herald
[Exclusive] No agents' phones affected by SKT hack to date: NIS
Spy agency working with US, UK counterparts to track perpetrators behind hack of country's largest mobile operator No mobile phones used by officials working in the government's major security departments have been affected by the SK Telecom hack so far, according to a National Intelligence Service document seen exclusively by The Korea Herald. In the document dated Thursday, the NIS said no official phones used at the five government departments and agencies -- the NIS, Ministry of National Defense, Ministry of Foreign Affairs, Ministry of Science and ICT and the Presidential Security Service -- have suffered a data breach or other security incidents since the hack of the country's largest telecom provider first surfaced last month. Although no security incidents involving official phones have been detected to date, the NIS said it was monitoring for the possibility. According to the NIS, SK Telecom has been the sole manufacturer of official phones used by the South Korean government since April 2020. In the document, the spy service concluded that the security functions of the officials' phones should not, in principle, be affected by the SK Telecom hack. However, the NIS admitted that official phones, which have higher protection than normal phones, could be subject to universal subscriber identity module card duplications. To prevent possible security breaches, all of the official phones have been subscribed to SK Telecom's USIM protection services as of April 29, the NIS said. USIM cards on the official phones were also being replaced with new ones. The NIS said it was working closely with its counterparts in the US, UK and Singapore to identify the perpetrators behind the telecom hack.
