SK Telecom Security Breach: The Unseen Threat Since 2022

Discover the details of the SK Telecom security breach that began in 2022, affecting millions of users. Learn about the company's response and the implications for cybersecurity.

TL;DR

South Korean telecom giant SK Telecom revealed a security breach that began in 2022, impacting over 27 million users. The breach exposed sensitive USIM data, prompting enhanced security measures and a full SIM card replacement initiative.

SK Telecom Security Breach: Timeline and Impact

SK Telecom, South Korea’s leading wireless telecom company, disclosed a significant security breach in April 2025. The breach, which began in 2022, compromised the Universal Subscriber Identity Module (USIM) data of approximately 27 million users.

Key Details of the Breach

  • Detection and Reporting: The breach was detected on April 19, 2025, and promptly reported to the Korea Internet & Security Agency (KISA) the following day.
  • Impact: Sensitive USIM data, including International Mobile Subscriber Identity (IMSI) numbers and cryptographic keys, were exposed.
  • Response Measures: SK Telecom enhanced its defensive measures, blocked illegal SIM card changes, and offered a free ‘SIM protection service’ to affected customers.

Extent of the Data Leak

On May 8, 2025, the Personal Information Protection Committee revealed that 25 types of data were compromised, including phone numbers, IMSIs, SIM keys, and other SIM-related information stored in the Home Subscriber Server (HSS). SK Telecom was instructed to notify all 25.64 million users, including budget phone users, by May 9.

Investigation Findings

A joint investigation discovered that the initial infection occurred on June 15, 2022. The intrusion remained undetected for nearly three years, during which 23 servers were compromised with 25 types of malware. SK Telecom has isolated the infected servers and ensured that no further data leakage has occurred.

Enhanced Security Measures

SK Telecom has taken the following steps to mitigate the risks associated with the breach:

  • SIM Card Replacement: The company is replacing all SIM cards to counter SIM-swapping risks.
  • Network Security: Enhanced security measures have been implemented to block unauthorized number porting and ensure network integrity.
  • Customer Notification: SK Telecom is notifying all 26.95 million affected users and offering support services.

Conclusion

The SK Telecom security breach highlights the critical importance of vigilant cybersecurity measures. As one of South Korea’s largest telecom providers, the company’s proactive response and enhanced security initiatives are crucial steps in protecting user data and maintaining public trust.

This post is licensed under CC BY 4.0 by the author.