Tech

SK Telecom Data Breach Sparks Privacy Concerns In South Korea

A joint government-private probe in South Korea revealed that attackers compromised servers at telecom giant SK Telecom in a major cyberattack, potentially exposing sensitive personal and USIM data of its entire subscriber base.

The investigation suggests that the breach began as far back as 15 June 2022, when attackers installed malware on SK Telecom’s servers.

The findings, announced on Monday, have triggered widespread concern over the risk of identity theft and financial fraud linked to the leaked data.

Investigators found that attackers infiltrated 23 servers, each storing four types of USIM data, including the International Mobile Subscriber Identity (IMSI), a unique identifier for mobile users.

They estimate the leak involved 9.32 gigabytes of USIM data, potentially exposing around 26.9 million IMSI numbers.

Given that SK Telecom currently serves 25 million users, including 2 million budget phone users, the possible exposure of nearly all subscribers is a significant concern.

Personal Information Also At Risk

Hackers temporarily used two of the affected servers to store personal user data, including names, birthdates, phone numbers, and email addresses.

Investigators have yet to determine the full scope of personal information contained on those servers.

The firewall logs show no evidence of leaks between 3 December 2024 and 24 April 2025, but missing data from 15 June 2022 to 2 December 2024 prevents confirming whether attackers exfiltrated any information during that period.

SK Telecom only detected the breach on 18 April 2025, nearly three years after the initial intrusion.

In response, the company has offered to replace the USIMs of all 25 million subscribers free of charge, including budget users, as a precaution against identity theft or fraudulent financial activity.

Additionally, the company has automatically enrolled all users in its USIM protection service, which it claims provides security measures equivalent to a physical SIM replacement in preventing unauthorised financial transactions.

As the investigation continues, experts warn that hackers could misuse the exposed IMSI data for SIM swapping, unauthorised access, or financial fraud, since IMSIs play a crucial role in mobile network authentication.

This incident not only raises questions about data security standards in the telecom sector but also highlights the long-term risks posed by undetected cyber intrusions.

Further findings from the investigation are expected in the coming weeks.

Also Read: Large Language Models To Destroy A Lot Of Software Jobs: Sridhar Vembu

Anamika Agarwala

Recent Posts

Gautam Adani Hails Puri Lifeguards As Unsung Heroes During Rath Yatra Visit

Gautam Adani, Chairman of the Adani Group, visited Puri in Odisha during the annual Rath…

9 hours ago

Acharya Pramod Krishnam Slams Congress Over ‘Internal Emergency’ Allegation

Acharya Pramod Krishnam, stirred political debate by claiming an 'internal emergency' still exists within the…

9 hours ago

MRM Meeting: Pledge for Global Peace, Green India, De-addiction & Democratic Integrity

Taking a crucial step toward positive transformation, social reform, and global peace, the Muslim Rashtriya…

9 hours ago

India To Host 2029 World Police & Fire Games; Amit Shah Hails Global Recognition

India has been chosen to host the prestigious 2029 World Police and Fire Games in…

10 hours ago

Seeing The Lord Among Devotees Is The Pinnacle Of Humility: Gautam Adani At Rath Yatra

Gautam Adani, along with his wife and Karan, participated in the Rath Yatra in Puri,…

12 hours ago

PM Modi Interacts With Group Captain Shubhanshu Shukla Aboard The ISS

PM Narendra Modi interacted with Group Captain Shubhanshu Shukla, the first Indian to reach the…

13 hours ago