This is the first incident involving a major telecommunications company in about two years since a similar incident occurred at LG U+ in 2011. The scale and route of the leaked information is currently unknown.
According to SK Telecom, the attack was confirmed at around 11 p.m. on the 19th. USIM is a system that identifies individuals through mobile phone lines.
If the data is leaked, it could lead to unauthorized use by third parties, such as the unauthorized creation of SIM cards or the interception of Short Message Service (SMS).
The company emphasized that "We are thoroughly investigating all systems and strengthening measures to block unauthorized changes to USIM cards and abnormal authentication attempts, so the possibility of a problem occurring at this time is low."
The company said it has not confirmed any cases of information being traded on dark websites. The information that may have been leaked does not include names, addresses, resident registration numbers, or email addresses.
SK Telecom President Yoo Young-sang said in a message to employees, "As CEO, I feel a deep sense of responsibility.
"I ask you to further strengthen your system and take every possible measure to protect customer information," he said. There have been data leaks in the Korean telecommunications industry in the past. In January 2023, LG Uplus reported that it had received approximately
300,000 customer records were leaked to a fraudulent website, becoming a social issue. The personal information leaked at the time included mobile phone numbers, names, addresses, birth dates, email addresses, IDs, USIM unique numbers, etc.
The number of items covered by the investigation totaled six. The Personal Information Protection Commission held LG Uplus responsible, imposing a surcharge of 6.8 billion won and a fine of 27 million won on the company in July of the same year.
The committee's investigation did not reveal the cause. In 2012, KT also experienced a major incident in which the personal information of over 8.3 million people was leaked.
The scale of the damage to SK Telecom and the route of the attack have yet to be determined. However, the company has confirmed that the devices it believes were hacked are
Since the server is described as a central server that performs device authentication, it has been pointed out that if the information leak is true, the impact could be widespread.
Professor Lee Seong-yeop of Korea University said, "Since this incident occurred at one of Korea's leading telecommunications companies, the cause is urgent.
"We need to investigate the vulnerability and check whether other IT companies and telecommunications companies have similar vulnerabilities," he said. Some have said that, based on past hacking cases, it is not uncommon for telecommunications companies, which have relatively strong security measures, to have similar vulnerabilities.
As a business operator was targeted, it has been pointed out that North Korea may have been behind the attack. As cyber attacks become more sophisticated due to the advancement of AI (artificial intelligence) technology, the Korean company
There are also concerns about the vulnerability of the security system. In a January report, the Google Threat Analysis Group (GTIG) warned that North Korea could use Google's Gemini AI to target U.S. military personnel stationed in South Korea.
The South Korean government also took the situation seriously and announced that it had investigated the case against the Ministry of Science, ICT and the Korea Internet Security Agency.
On the 21st, the Korea Information Security Agency (KISA) requested SK Telecom to preserve and submit related documents. It has dispatched experts to the site to provide technical support.
The government has set up an emergency response team headed by the head of the ministry, and if necessary, will organize a joint public-private investigative team to thoroughly analyze the causes and implement measures to prevent recurrence.
2025/04/23 06:19 KST
Copyrights(C) Herald wowkorea.jp 104