Probe suggests possible leak of SK Telecom users' private information
Servers at SK Telecom containing personal information and universal subscriber identity module (USIM) data of all subscribers have been compromised in a cyberattack, raising concerns that critical USIM data used in financial transactions may have been leaked, a joint government-private investigation team said on Monday.
According to the team's interim findings, the breach dates back to June 15, 2022, when unidentified attackers are believed to have planted malware on the company's servers.
A total of 23 SK Telecom servers were compromised, all of which store four types of USIM data, including international mobile subscriber identity (IMSI) information, reports Yonhap news agency
The IMSI is a unique identifier for each user on a network and could potentially be exploited in financial transactions.
Investigators said it is believed that 9.32 gigabytes of USIM data, equivalent to roughly 26.9 million IMSI numbers, have been leaked. SK Telecom currently has 25 million subscribers, including 2 million budget phone users.
Among the affected servers, two had been used as temporary storage for personal data, such as names, birthdays, phone numbers and email addresses.
Investigators said they are still working to determine the exact scope of data stored on those two servers.
The team said it found no evidence of any data leakage between Dec. 3, 2024, and April 24 of this year according to available firewall log data from the hackers.
However, no log data was available between June 15, 2022, and Dec. 2, 2024, making it impossible to confirm whether any leaks occurred during that time frame.
SK Telecom detected the breach on April 18. In response, the company has offered to replace the USIM of all 25 million subscribers, including 2 million budget phone users, free of charge to prevent identity theft or financial fraud.
The company has also enrolled all users in its USIM protection service, which, it says, offers the same level of protection against unauthorised financial activities as a physical USIM replacement.
