Latest news with #USIMs
Korea Herald
19-05-2025
- Korea Herald
Nearly 27 million mobile fingerprints leaked in SK Telecom data breach: ministry
Malware attack began in June 2022, officials say A joint team of public and private investigators found that nearly 27 million units of international mobile subscriber identity, or IMSI, have been leaked from SK Telecom's data breach, the Ministry of Science and ICT said Monday. 'The investigators confirmed that the amount of leaked (universal subscriber identity module, or USIM) information was 9.82 (gigabytes), which equals to about 26.69 million units of the IMSI,' said Choi Woo-hyuk, director general of the Cyber Security & Network Policy Bureau at the Science Ministry, in a press briefing to announce the interim findings of the probe at the Government Complex Seoul. IMSI, which can be regarded as a mobile fingerprint, is a 15-digit or shorter number used to identify and authenticate each mobile subscriber on a cellular network. As for SK Telecom's 25 million subscribers being smaller than the number of leaked IMSIs, the officials explained that the number of IMSIs combines all universal subscriber identity modules, or USIMs, loaded onto not only smartphones but also smart watches and other connected devices using the Internet. The authorities announced that they found 25 types of malware and 23 hacked servers so far, up 21 and 18, respectively, from the previous discoveries released by the joint investigation on April 29. Having completed the investigation of 15 servers through detailed assessments, such as forensic and log analysis, the authorities plan to finish the investigation of the remaining eight servers by the end of May. According to the investigators, the first malware was found to have been installed on June 15, 2022. They added that no data was leaked between Dec. 2, 2024, and April 24, 2025. However, they could not confirm whether any data was leaked between June 15, 2022, and Dec. 2, 2024, a period without firewall log history. Regarding the concerns over possible damages from copy phones, whether the information of international mobile equipment identity, or IMEI, a 15-digit serial number assigned to every mobile phone, was leaked or not drew serious worries among the public. Unlike the government's previous announcement in April, the authorities confirmed during Monday's briefing that they found a hacked server containing 291,831 units of IMEI. According to investigators, there were no damage reports regarding the data breach at the country's biggest telecom carrier yet. They added that phone makers say making copy phones just using the IMEI information is technically impossible. 'Given the types of malware and the methods used in this attack, it is clear that a far more sophisticated level of analysis and efforts are needed compared to what we've seen before,' said Ryu Je-myung, deputy minister of the Office of Network Policy. "That is why we are conducting this investigation with the utmost intensity, based on the judgment that unless we uncover every potential risk thoroughly, there could be even greater threats in the future."
Korea Herald
16-05-2025
- Korea Herald
Over 9,200 SKT users file lawsuits over USIM data leak
In the wake of a major data breach involving SK Telecom's universal subscriber identity module, a group of 9,213 users has filed lawsuits, each seeking damages of 500,000 won ($360), citing gross negligence and violation of personal data protection obligations. The legal team representing the plaintiffs held a press conference Friday, stating that the case goes beyond a typical privacy breach and represents a "foreseeable disaster" caused by SK Telecom's failure to uphold its legal responsibilities as a telecom service provider. 'This incident is not merely about leaked personal information,' the lead attorney said. 'It is a result of SK Telecom's clear violation of its duty to implement proper safeguards and report security incidents promptly. The harm was both preventable and foreseeable.' According to the legal team, victims are suffering from heightened anxiety and inconvenience due to the possibility of their identities being misused for criminal activities through cloned USIMs. Some users have had to replace their USIM cards and have experienced disruptions in financial services. 'The breach has caused serious disruptions to daily life and constitutes a grave infringement of the constitutional right to informational self-determination,' the attorney said. The law firm is demanding that SK Telecom publicly acknowledge its failure to protect customer data, issue a sincere apology to all affected users, disclose the full extent of the data compromised and clarify whether the USIMs' secret encryption key was also leaked. Additionally, it is calling for 500,000 won in compensation per person and concrete measures to prevent secondary damages. The firm also urged government regulators to implement stronger oversight of telecom companies' key servers and to take substantive steps toward systemic improvements.
Korea Herald
30-04-2025
- Business
- Korea Herald
Korea's intelligence agency urges SKT USIM card replacements across all ministries
South Korea's top intelligence agency has ordered all government ministries and public agencies to replace SK Telecom USIM cards used in official devices, following a cyberattack that compromised the core systems the company uses to verify mobile users on its network. The National Intelligence Service confirmed to The Korea Herald that it issued the directive on Tuesday, requiring USIM replacements in all SKT-connected work phones, tablets, and even mobile routers that support essential services like traffic control and remote monitoring. Until replacements are completed, agencies must activate SK Telecom's optional 'USIM Protection Service' to prevent potential misuse. The move follows the discovery of unauthorized access to SKT's subscriber authentication system, a key part of its telecom infrastructure. While it's still unclear what exact data was accessed or extracted, the system holds encrypted credentials that authenticate users across the mobile network. If exploited, this information could allow attackers to impersonate users or clone SIM cards — raising concerns about fraud and identity theft. 'Some SIM information may have been exposed during the attack,' the Ministry of Health and Welfare reportedly wrote in an internal notice this week. 'That creates a risk of phone cloning and related scams. Employees using SK Telecom should replace their USIM cards or activate USIM protection.' Other ministries, including the Ministry of the Interior and Safety and the Ministry of Education, are also taking action. The Interior Ministry has asked departments to even stop using SKT personal phones for work and is reviewing which official devices are still on SKT networks. An Interior Ministry official acknowledged they haven't yet figured out exactly how many of their approximately 5,500 employees are SKT customers. Meanwhile, South Korean tech giants like Samsung, Naver, and Kakao have already begun replacing employee USIMs. With over 23 million subscribers, SK Telecom is now facing public backlash, customer defections and signs of an emerging class-action lawsuit. A spokesperson for the NIS described the USIM replacement directive as 'a preemptive measure to limit further risk before the full impact of the intrusion is understood.'
Korea Herald
27-04-2025
- Business
- Korea Herald
SK Telecom vows to take full responsibility for damage from recent data leak
SK Telecom, South Korea's leading mobile carrier, vowed Sunday to take full responsibility for any damage to customers caused by a recent network hacking incident involving the potential leak of subscriber information. Earlier this month, the carrier detected signs of a massive leak of customers' universal subscriber identity module data due to a cyberattack and offered the free replacement of the USIMs of all of its 23 million users. "You can prevent hacking damage by subscribing to the USIM protection service. Please trust us and sign up," the company said in a release. "If any damage occurs, SK Telecom will take full responsibility." As of 6 p.m., 5.54 million people had subscribed to the service, accounting for 24 percent of the carrier's total subscribers. The company emphasized that the service is as effective at preventing damage as replacing the USIM itself. The free replacement service will begin Monday, and the company has asked customers to make online reservations to minimize inconvenience. Acting President Han Duck-soo instructed officials to review whether the company's response measures were appropriate and to inspect the country's overall data protection system against cyberattacks. A joint civilian-government probe into the data breach is under way and is expected to take about one to two months, officials said. (Yonhap)
Korea Herald
27-04-2025
- Politics
- Korea Herald
Acting president orders government to check SK Telecom's response to data leak
Acting President Han Duck-soo on Sunday instructed the government to check the adequacy of SK Telecom Co.'s response measures for a potential major leak of universal subscriber identity module data. On April 18, SK Telecom detected signs of a massive leak of customers' USIM data due to a cyberattack, prompting the company to announce Friday that it would replace the USIMs of all of its 23 million users. Han instructed the Ministry of Science and ICT to "closely" inspect the company's response measures, which also include recommending users to sign up for a USIM protection service, according to his office. He also called on the government to "thoroughly" analyze the cause of the incident while instructing the National Intelligence Service and other relevant agencies to inspect the country's data protection system against cyberattacks, it said. (Yonhap)
