SK Telecom Data Breach: Millions of Customers Potentially Affected by USIM Data Compromise
Discover the recent SK Telecom data breach affecting millions of customers. Learn about the malware attack, the company's response, and the implications for cybersecurity.
TL;DR
- SK Telecom, South Korea’s largest wireless carrier, reported a data breach affecting millions of customers.
- A malware attack compromised USIM data, prompting immediate defensive measures and regulatory notifications.
- Customers are advised to take additional security steps, including signing up for SIM protection services.
Main Content
SK Telecom Data Breach: Threat Actors Access Customer USIM Data Through Malware Attack
SK Telecom, South Korea’s leading wireless telecom company, reported a significant data breach affecting its customers. The breach, which occurred on April 19, 2025, involved unauthorized access to Universal Subscriber Identity Module (USIM) information through a malware attack. USIM cards securely store subscriber data, including the International Mobile Subscriber Identity (IMSI) and cryptographic keys.
About SK Telecom
SK Telecom holds a substantial 48% market share in South Korea, serving approximately 34 million subscribers. The company offers a wide range of services, including cellular networks, 5G development, AI services, IoT solutions, cloud computing, and smart city infrastructure. SK Telecom is part of the larger SK Group, a major conglomerate involved in energy, semiconductors, chemicals, and more.
Details of the Data Breach
The telecom giant detected the malware infection at 11 PM on April 19, 2025. Upon discovery, SK Telecom immediately reported the incident to the Korea Internet & Security Agency (KISA) and took steps to sanitize the affected systems and isolate the suspected hacking device. No confirmed cases of data misuse have been reported to date.
SK Telecom has enhanced its defensive measures, blocking illegal SIM card changes and abnormal authentication attempts. Additionally, the company is offering impacted customers free subscriptions to the ‘SIM protection service.’
“On April 19, 2025, at approximately 11:00 PM, SK Telecom discovered circumstances in which some SIM-related information of SK Telecom customers was suspected to have been leaked due to malware.” - SK Telecom data breach notification[^1].
Ongoing Investigation
SK Telecom is continuing its investigation to determine the exact cause and scale of the incident, as well as the extent of the leaked data. The company reported the data leak to the Personal Information Protection Commission on April 22, 2025.
Customer Support
Customers seeking additional security measures can sign up for the SIM protection service.
Follow for Updates
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)
Conclusion
The SK Telecom data breach highlights the ongoing threat of malware attacks and the importance of robust cybersecurity measures. As the investigation continues, customers are encouraged to remain vigilant and take advantage of the additional security services offered by the company.