SK Telecom server breach raises security concerns

0
12


A cyberattack on SK Telecom’s servers has compromised personal and USIM-related data of its entire subscriber base, according to interim findings released by a joint government and private sector investigative team on Monday.

The breach was traced back to June 15, 2022, and involved the planting of malware on 23 servers operated by SK Telecom. The servers contained four different kinds of USIM data, including International Mobile Subscriber Identity (IMSI) numbers, which are used to uniquely identify users on mobile networks.

Authorities estimate that 9.32 gigabytes of USIM-related information, including approximately 26.9 million IMSI numbers, may have been leaked. For context, SK Telecom currently serves 25 million customers, including about 2 million using budget mobile services.

Among the compromised systems, two servers temporarily stored personal data like names, birth dates, phone numbers, and email addresses. Investigators are still reviewing the extent of the data stored on these machines and whether it was accessed or stolen.

While firewall logs from December 3, 2024, to April 24, 2025, show no evidence of data being transferred out, the absence of log records between June 15, 2022, and December 2, 2024, means investigators cannot determine if data was leaked during that earlier period.

SK Telecom discovered the breach on April 18, causing the company to take several preventive steps. It is offering free USIM card replacements to all 25 million subscribers in order to reduce the risk of identity theft or misuse of personal information in financial activities. And, all users have been automatically registered in the company’s USIM protection program, which it says provides safeguards equivalent to replacing a physical USIM card.

International response and US-Korea cooperation

In the wake of the breach, South Korea’s Minister of Science and ICT, Yoo Sang-im, held a series of meetings with senior US officials to discuss how the two countries can respond to similar cyber threats in the telecommunications sector, as reported by Korea JoongAng Daily.

During a May 14 meeting in Washington with Federal Communications Commission (FCC) Commissioner Brendan Carr, both parties called for closer international coordination to tackle telecom-related hacking. They cited the SK Telecom breach incident and attacks by the China-based Volt Typhoon group on US telecom infrastructure as examples of growing threats.

The officials also exchanged updates on their respective cybersecurity certification initiatives. Korea’s Internet of Things (IoT) security certification system and the FCC’s Cyber Trust Mark were both discussed as areas where standardisation efforts could benefit companies operating in both markets. The goal is to reduce redundant certification processes and align technical standards.

Yoo’s visit also included discussions about Washington’s classification of South Korea as a “sensitive country,” a label that has sparked concerns about potential restrictions on US research and development (R&D) funding for Korean projects.

On May 15, Yoo met with Lynne Parker, deputy director at the White House Office of Science and Technology Policy. He emphasised the need to maintain strong collaborative ties between the two countries in science and technology, despite shifts in US research funding priorities. US officials confirmed that the Biden administration will continue to enforce a research security memorandum enacted by the previous administration. They also outlined key future investment areas, like artificial intelligence, quantum technology, and biotechnology.

Further discussions were held with Rebecca Keiser and Jessica Robin from the National Science Foundation to explore research partnerships and reinforce cooperation on securing joint scientific initiatives. Yoo also participated in a virtual meeting with Kim Young-kee, director of the Fermi National Accelerator Laboratory, to examine opportunities for collaboration on large-scale science infrastructure projects.

Steps toward AI infrastructure and industry support

In an effort to boost Korea’s AI development efforts, Yoo also visited Nvidia’s headquarters in the US and met with executives Jay Puri and Kalista Redmond. Korea’s National IT Industry Promotion Agency (NIPA), which is overseeing the establishment of the National AI Computing Centre, signed an agreement with Nvidia aimed at ensuring stable supply of high-performance graphics processing units (GPUs) for domestic AI applications.

“Korea’s most important overseas research partner is the United States, so we must closely watch changes in US policy under the second Trump administration and respond accordingly,” Yoo said.

(Photo by Unsplash)

See also: Check Point: AI is boosting cyber threat sophistication

Looking to revamp your digital transformation strategy? Learn more about Digital Transformation Week taking place in Amsterdam, California, and London. The comprehensive event is co-located with IoT Tech Expo, AI & Big Data Expo, Cyber Security & Cloud Expo, and other leading events.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Tags: connectivity, cyberattack, south korea, telecoms


👇Follow more 👇
👉 bdphone.com
👉 ultractivation.com
👉 trainingreferral.com
👉 shaplafood.com
👉 bangladeshi.help
👉 www.forexdhaka.com
👉 uncommunication.com
👉 ultra-sim.com
👉 forexdhaka.com
👉 ultrafxfund.com
👉 bdphoneonline.com
👉 dailyadvice.us

LEAVE A REPLY

Please enter your comment!
Please enter your name here