SK Telecom Co. Chief Executive Officer (CEO) Ryu Young-sang (C) bows to apologize for a large-scale data breach during a parliamentary session at the National Assembly in Seoul on April 30, 2025. ( Image courtesy of Yonhap)
SEOUL, April 30 (Korea Bizwire) — Ryu Young-sang, chief executive officer (CEO) of SK Telecom Co., said Wednesday the company is preparing for the worst-case scenario that a recent cyberattack may have leaked the universal subscriber identity module (USIM) data of all 25 million subscribers.
“In the worst-case scenario, we are bracing for it,” Ryu said during a parliamentary session in response to a question by Rep. Choi Soo-jin about whether all customer data may have been leaked.
SK Telecom, the largest mobile carrier in South Korea with 25 million subscribers out of a population of 50 million, detected the cyberattack on April 18 and discovered signs of a large-scale leak of customers’ USIM data.
Ryu acknowledged that the incident could be considered the worst hacking case in the nation’s telecommunications history.
He also admitted to “procedural issues” in how the data breach was reported to the Korea Internet & Security Agency (KISA).
SK Telecom has come under fire for reporting the incident two days after detection, missing by far the 24-hour notification requirement mandated by law.
Following the revelation, the company pledged to take immediate measures, including a free replacement of USIM chips for all users upon request to prevent potential misuse of the compromised data.
SK Telecom has also asked its subscribers to register for its USIM Protection Service, which it said offers the same level of defense against illegal financial activity as replacing the USIM card itself.
The Personal Information Protection Commission has launched an investigation into whether SK Telecom had appropriate security protocols in place to protect the USIM data stored on its main server.
(Yonhap)
