On April 19, 2025, South Korean telecom giant SK Telecom discovered a data breach affecting customer information. The company’s investigation revealed that hackers used malware to access sensitive data, including customer USIM information. SK Telecom, which holds around 48% of South Korea’s mobile market, immediately took action by deleting the malware and isolating the affected systems. While no confirmed instances of data misuse have been reported, the company is offering impacted customers free SIM protection services.
SK Telecom is one of the country’s largest wireless carriers, serving approximately 34 million subscribers.
The company operates across multiple sectors, including 5G, AI, IoT, and cloud services. As a prominent player in South Korea’s tech and telecom industry, the breach has raised concerns about the security of its vast customer base. SK Telecom has been working with the Korea Internet Security Agency (KISA) to investigate the breach’s extent and determine the data compromised.
The leaked information pertains mainly to customer Universal Subscriber Identity Module (USIM) data, which contains sensitive identifiers.
USIM cards securely store key data like the International Mobile Subscriber Identity (IMSI) and cryptographic keys. Following the breach, SK Telecom warned that the stolen data could potentially be used for SIM swapping and other forms of fraud. The company acted swiftly to block unauthorized SIM changes and abnormal authentication attempts to limit further risks.
The breach has sparked concerns over telecom sector security, as such companies are prime targets for cyberattacks, including state-sponsored cyberespionage. While the cause of the breach is still under investigation, no evidence has pointed to a ransomware attack. SK Telecom continues to enhance its security measures and is offering customers additional protections, including the free SIM protection service to prevent further exploitation of their data.
Reference: