On April 29, two days after SK Telecom launched its free USIM replacement service following the theft of subscriber USIM information, citizens are seen lining up at an SKT retail store in Seoul to wait for their replacements. (Yonhap)
With millions rushing to replace compromised USIM cards, South Korea’s telecom giant faces a pivotal test: repairing its defenses — and its reputation.
SEOUL, April 29 (Korea Bizwire) – In the span of just 24 hours, nearly 280,000 SK Telecom customers walked into shops across South Korea to swap out the tiny chips that power their mobile identities. Millions more rushed to book appointments online.
The frenzy came in response to a chilling discovery: a massive breach of SK Telecom’s customer data — specifically targeting users’ universal subscriber identity module (USIM) information — that has sent shockwaves through the nation’s telecom sector and ignited deep concerns over digital security.
By 9 a.m. Tuesday, SK Telecom reported that 4.32 million users had signed up online to replace their USIM cards through a free program launched just a day earlier. Roughly 2,600 retail locations nationwide have mobilized to meet the overwhelming demand, as all 25 million SK Telecom customers — including nearly 2 million budget phone subscribers — are now eligible for the service.
The urgency stems from an April 18 cyberattack, in which SK Telecom detected suspicious signs of a large-scale data leak. While the company has insisted that its main servers were not compromised, government officials are drawing different conclusions.
“I don’t know why SK Telecom denied that,” Choi Jang-hyuk, vice chairperson of the Personal Information Protection Commission, said bluntly during a press briefing. “I think it would be right to view the leak as coming from the main server.”
Demand for USIM replacements is expected to drive an increase in budget mobile phone subscribers following the SK Telecom hacking incident. On April 29, USIM cards are displayed at a budget mobile phone store in Seoul. (Yonhap)
Regulators have launched a full investigation into SK Telecom’s security practices, particularly how it safeguarded its core USIM data repositories. Although Choi declined to offer specifics pending the outcome of the probe, he hinted that SK Telecom could face a fine significantly larger than the 6.8 billion won (US$4.7 million) penalty imposed on rival LG Uplus over a similar leak in 2023.
Thanks to a legal revision that took effect after the LG Uplus case, companies found responsible for major data breaches can now be fined up to 3 percent of their total sales — a potentially severe financial blow.
Meanwhile, SK Telecom is urging customers to take additional precautions beyond just replacing their USIM cards. The company has promoted its USIM Protection Service — a digital safeguard against illegal financial activity — and so far, about 8.72 million people have registered.
Combined, SK Telecom says over 13.31 million users have now either replaced their chips or signed up for the protection program — an extraordinary mobilization but one that underscores the magnitude of public fear.
While no financial fraud tied to the stolen data has been reported yet, cybersecurity experts warn that danger still looms. Hackers could use compromised USIM information for phishing attacks disguised as text messages, KakaoTalk chats, or emails, exploiting South Koreans’ heavy reliance on mobile communication.
The Korea Internet & Security Agency has urged the public to stay vigilant, warning against clicking on suspicious SMS messages, known locally as “smishing” attacks, and encouraging citizens to report incidents immediately.
For SK Telecom, a company once synonymous with technological innovation and reliability, the coming months will be a crucial test — not just to patch its defenses, but to restore the trust that vanished in an instant.
Kevin Lee (kevinlee@koreabizwire.com)
