SK Telecom Breach
On April 18, 2025, SK Telecom, South Korea’s largest mobile carrier, revealed a significant data breach that had compromised the sensitive information of approximately 25 million subscribers, nearly the entirety of its user base. The breach targeted the Home Subscriber Server, a vital component for managing subscriber data.
Though SKT confirmed that no personal names or financial account details were exposed, the compromised information included sensitive USIM (Universal Subscriber Identity Module) data, raising serious security concerns. The breach highlighted the accountability of telecom companies regarding their data security practices.
The breach’s initial infection date was revised to August 2021, indicating that it had remained unnoticed for nearly three years. Approximately 28 infected servers were identified among the company’s extensive network of 42,605 total servers. Analysis revealed the presence of 33 different types of malware on these infected servers, suggesting an extensive infiltration into the company’s core network systems and highlighting ongoing weaknesses in cybersecurity monitoring. The lack of vulnerability scanning contributed significantly to the extended duration of the breach. Additionally, law enforcement and the National Assembly were involved in developing a SIM Protection service in response to the breach.
The breach went undetected for nearly three years, with the initial infection traced back to August 2021.
Technical failures played an essential role in the breach’s duration. SKT stored SIM authentication keys without encryption, presenting opportunities for unauthorized SIM cloning, which could exacerbate identity theft risks.
Moreover, the company failed to report the breach to authorities within the legally mandated 24-hour period, further complicating the situation. The conditions under which servers were submitted for investigation raised concerns about potential data tampering and incomplete cooperation with regulatory bodies.
In the aftermath, SK Telecom faced significant penalties and regulatory scrutiny, including a fine of up to 30 million won (approximately $22,000) under the Information and Communications Network Act.
The government mandated strengthened security measures, calling for quarterly assessments and improved data governance oversights.
As a result, the breach severely damaged SKT’s reputation and customer trust, leading to a sharp decline in stock prices and projected losses of over 7 trillion won ($5.1 billion) in the following years, forcing the company to undertake substantial financial adaptations, including investments to strengthen cybersecurity defenses.