
Over 9,200 SKT users file lawsuits over USIM data leak
The legal team representing the plaintiffs held a press conference Friday, stating that the case goes beyond a typical privacy breach and represents a "foreseeable disaster" caused by SK Telecom's failure to uphold its legal responsibilities as a telecom service provider.
'This incident is not merely about leaked personal information,' the lead attorney said. 'It is a result of SK Telecom's clear violation of its duty to implement proper safeguards and report security incidents promptly. The harm was both preventable and foreseeable.'
According to the legal team, victims are suffering from heightened anxiety and inconvenience due to the possibility of their identities being misused for criminal activities through cloned USIMs. Some users have had to replace their USIM cards and have experienced disruptions in financial services.
'The breach has caused serious disruptions to daily life and constitutes a grave infringement of the constitutional right to informational self-determination,' the attorney said.
The law firm is demanding that SK Telecom publicly acknowledge its failure to protect customer data, issue a sincere apology to all affected users, disclose the full extent of the data compromised and clarify whether the USIMs' secret encryption key was also leaked. Additionally, it is calling for 500,000 won in compensation per person and concrete measures to prevent secondary damages.
The firm also urged government regulators to implement stronger oversight of telecom companies' key servers and to take substantive steps toward systemic improvements.
Related Articles


Korea Herald
04-07-2025
SKT unveils W1tr post-hack plan after government probe
Plan includes waived fees, extra data and Korea's largest telco cyber spend
SK Telecom on Friday pledged a sweeping 1 trillion won ($720 million) compensation and cybersecurity initiative, including penalty-free contract cancellations, after a government probe concluded the carrier was negligent in a hacking attack that exposed nearly 10 gigabytes of sensitive subscriber data.
'I offer my deepest and sincerest apologies. I stand here today with profound remorse and reflection,' SKT CEO Ryu Young-sang said, bowing during an emergency press briefing after the government's disclosure of its findings. 'We take the results of the government's joint public-private investigation very seriously and will swiftly implement all corrective actions and additional measures to prevent any recurrence.'
Earlier, the Ministry of Science and ICT said SK Telecom failed to adequately protect its systems against an intrusion in April and ordered the company to permit contract cancellations without penalties and reinforce security measures.
In response, SKT announced a compensation initiative, which includes 500 billion won worth of benefits for its about 24 million SKT subscribers, and a 700 billion won investment in cybersecurity over the next five years — the largest such commitment in Korea's telecom sector.
The company also accepted the government's order to remove early termination penalties, a move expected to result in significant financial losses. Customers who canceled their contracts after the hacking, or who do so by July 14, will not be required to pay termination fees.
In addition, the telecom giant will automatically apply a 50 percent discount on telecom bills and provide 50GB of additional data per month to all subscribers, including those using budget services on SKT's network, from August through the end of the year.
Noting that it has been offering free USIM replacements and protection services, the company said it will also provide one year of free access to Zimperium's advanced mobile security solution, used by over 2,500 organizations globally.
In its five-year security innovation plan, the company said it aims to double its security workforce, contribute 10 billion won to a security ecosystem fund and strengthen partnerships with universities and startups. The company will also elevate the chief information security officer to report directly to the CEO and recruit cybersecurity experts to its board.
Before announcing the compensation plan, SKT lowered its full-year revenue forecast to 17 trillion won from 17.8 trillion won and revised its operating profit outlook from an expected gain to a potential loss on a year-on-year basis. 'This forecast reflects the impact of implementing the customer appreciation program worth 500 billion won and broader market conditions,' SKT said.


Korea Herald
04-07-2025
SKT's negligence led to massive hacking, ministry confirms
The South Korean government concluded Friday that SK Telecom failed to take proper action to prevent its massive hacking attack, leaking about 10 gigabytes of sensitive subscriber data as early as August 2021. Authorities ordered the company to allow customers to cancel contracts without paying early termination penalties, a move that could potentially cost the telecom giant billions of won.
The Ministry of Science and ICT announced the results of a joint public-private investigation, confirming that hackers first planted malware inside SKT's internal servers on Aug. 6, 2021 — about 10 months earlier than initially estimated. 'SKT failed to fulfill its security obligations to protect subscriber data to deliver secure telecommunication services,' Vice Minister Ryu Je-myung of the Science Ministry said.
A forensic inspection of more than 42,600 servers uncovered 33 types of malware, including 27 BPFdoor variants. Hackers infiltrated a server connected to SKT's network management system, planting malicious code to gain access to the Home Subscriber Servers and exfiltrate 9.82 GB of USIM subscriber data — covering nearly all of SKT's customers — and amounting to 26.96 million subscriber identifier records.
Investigators also discovered that device identifiers, personal data and call detail records had been stored in plaintext rather than encrypted. While no evidence of leaks was found during periods covered by existing firewall logs, the ministry warned that it could not confirm whether data was exposed during gaps in log records.
Authorities also noted a supply chain vulnerability after discovering malicious code embedded in third-party software used by an SKT vendor. The code was installed on 88 SKT servers, but there was no evidence that it had been executed or led to data leaks.
'SKT detected abnormal server reboots in February 2022 and even discovered malware on one server during an internal check, but did not report the incident to authorities at the time. It violated the notification obligations,' Ryu said. Ryu also identified weaknesses in SKT's overall cybersecurity posture, including insufficient investment and staff, and a corporate CISO whose responsibilities were limited to IT systems rather than covering the carrier's core networks.
The ministry ordered SKT to adopt multifactor authentication for server access, store firewall and system logs for at least six months, and elevate the CISO role to report directly to the CEO. It also called for the deployment of advanced endpoint detection and response solutions, regular quarterly security inspections of all assets and full encryption of the USIM authentication keys, which other mobile carriers KT and LG Uplus have already implemented.
The ministry also obligated the company to allow subscribers with time left on their contracts to cancel without penalties. SKT has estimated that if up to 5 million customers decide to leave, combined losses from waived penalties and lost revenue could exceed 7 trillion won.
"This SKT breach is a wake-up call for the entire telecommunications industry and our national network infrastructure. As Korea's top mobile carrier, SKT must prioritize cybersecurity," Science Minister Yoo Sang-im said.


Korea Herald
24-06-2025
Three major hacks in two months expose Korea's shortage of full-time cybersecurity staff
South Korea is grappling with a wave of major cyberattacks, yet many businesses still lack full-time cybersecurity staff. The disconnect is becoming more dangerous as high-profile breaches expose personal data and disrupt critical services.
On Monday, police launched an investigation into a hack targeting the academic submission platform of the National Research Foundation. The attack, reported to regulators on June 16, compromised 120,000 records containing names, birth dates, email addresses and phone numbers.
This incident follows a string of others. On June 9, Yes24, one of South Korea's largest online bookstores and ticketing services, suffered a ransomware attack that brought its entire system down for five days. The outage halted book sales and concert ticketing nationwide.
In April, telecom giant SK Telecom disclosed that hackers had breached its network, leaking nearly 10 gigabytes of sensitive USIM card data linked to over 26 million subscribers. While no known fraud has occurred yet, the breach was serious enough to prompt an apology from the SK Group chairman on May 7.
Most Korean companies have treated cybersecurity as an afterthought. A government survey from 2024, conducted among 27,000 companies by the Ministry of Science and ICT and the Korea Information Security Industry Association, found that just 8.7 percent of businesses believed they needed cybersecurity personnel. Even among large firms with more than 1,000 employees, only 14 percent said they saw a need. Just a third of companies (33.2 percent) said they plan to hire additional security staff within a year.
When companies were asked why they were not hiring, nearly half (48.8 percent) said their existing staff could manage. Only about one in four (23.8 percent) pointed to a lack of qualified candidates. Of the country's 79,509 cybersecurity workers, the research said only 28 percent focus solely on security. Most juggle multiple IT roles, and nearly 8 percent are outsourced entirely.
Pay is another issue. The average annual salary for a cybersecurity specialist in South Korea is 54 million won ($39,580). That drops to 46 million won at small and mid-sized firms, and even at major corporations, it barely reaches 63 million won. In comparison, cybersecurity professionals in the US earn more than three times that amount on average, at around $127,000, according to the US Bureau of Labor Statistics. Experienced hires often make more, and some global companies offer upwards of $200,000 to compete for skilled workers.