South Korea's leading telecom provider, SK Telecom, has revealed a significant security breach involving customer Universal Subscriber Identity Module (USIM) data. This incident underscores the growing threat of malware attacks targeting critical telecom infrastructure.

Details of the Breach

The breach was identified when SK Telecom detected malware within its systems on the night of April 19, 2025. This malicious software allowed unauthorized access to sensitive USIM information, which includes crucial subscriber details like the International Mobile Subscriber Identity (IMSI) and cryptographic keys.

SK Telecom, which commands nearly half of South Korea's mobile market with around 34 million users, quickly responded by notifying the Korea Internet & Security Agency (KISA) and taking immediate action to contain the threat.

Immediate Response and Measures

Upon detection, SK Telecom swiftly sanitized affected systems and isolated the suspected device responsible for the breach. While no misuse of the compromised data has been confirmed, the company has fortified its defenses against illegal SIM swaps and unauthorized authentication attempts.

  • Enhanced security protocols to prevent further breaches.
  • Offered a complimentary 'SIM protection service' to affected customers.
  • Ongoing investigation to ascertain the breach's full scope and impact.

Ongoing Investigation and Customer Support

SK Telecom continues to investigate the breach to determine its cause and the extent of data exposure. The incident has been reported to the Personal Information Protection Commission, ensuring compliance with regulatory requirements.

Customers concerned about their data security can opt into the company's free SIM protection service for added peace of mind.

Stay informed about the latest in cybersecurity threats and how to protect your data by visiting our Research section.

The link has been copied!