
A joint investigation by the Ministry of Science and ICT and the Korea Internet & Security Agency (KISA) found that the breach compromised more than 26.95 million subscriber identification numbers — a figure that exceeds the company’s reported 25 million customers.
The data breach, which was discovered last month, is believed to have gone undetected for nearly three years. Investigators determined that malicious code was first implanted on June 15, 2022, allowing attackers persistent access to SK Telecom’s internal systems through 23 compromised servers.
Officials said 25 types of malware were deployed in the attack. Of these, 24 exploited the Berkeley Packet Filter, a tool used to monitor network traffic, which made the intrusions especially difficult to detect.
“The extracted database may include test data or temporary identifiers used by SK Telecom,” said Lee Dong-geun, head of the Korea Internet Security Center at KISA. He added that additional analysis is required to determine how many legitimate customer accounts were affected.
Initial findings from April 29 had pointed to five infected servers, but a broader investigation later revealed that 18 more systems had been compromised, significantly expanding the scope of the breach.
The revelation has raised national security concerns, with some experts arguing that the scale of the incident warrants government-level intervention beyond corporate responsibility.
Despite the scope of the intrusion, investigators said the stolen data could not be used to clone smartphones or gain physical access to mobile networks. However, SK Telecom has been directed to implement additional safeguards for potentially affected users.
The National Intelligence Service has launched security audits across central government agencies, local governments, and public institutions in response to the breach. As of Monday, no further intrusions had been detected in either public or private networks.
Copyright ⓒ Aju Press All rights reserved.