Latest news with #IMSI
Time of India
05-06-2025
- Health
- Time of India
Consider establishing fertility centre at GRH expeditiously: HC to state
Madurai: Taking into account that a proposal was sent to the govt regarding establishing a fertility treatment centre at Government Rajaji Hospital (GRH) in Madurai district, Madras high court observed that the govt may consider establishing the centre as expeditiously as possible. The court was hearing a public interest litigation filed by an activist, A Veronica Mary. The petitioner sought a direction to the state to establish a fertility centre with all infrastructures, including PGD-IVF, intracytoplasmic sperm injection (ICSI), intracytoplasmic morphologically selected sperm injection (IMSI), laser hatching, sperm bank, egg bank, embryo bank, time lapse, fibroid clinic, and other required facilities at GRH in Madurai, for the benefit of poor childless couples. T by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like 2025 Top Trending local enterprise accounting software [Click Here] Esseps Learn More Undo he petitioner's counsel submitted that the petitioner earlier filed a similar petition in 2018. After the authorities submitted that the proposal for starting the fertility centre and to procure the equipment was sent to the govt for orders, the court disposed of the petition. Though a proposal was already forwarded, no final decision was taken by the govt for establishing the fertility treatment centre at GRH. Therefore, the petitioner filed the present petition. A division bench of justice S M Subramaniam and justice A D Maria Clete observed that no doubt, it is a policy decision to be taken by the govt after considering various factors and mitigating circumstances. The court, not being an expert body in the medical field, cannot substitute its opinion regarding whether a particular treatment centre should be established. "However, there are growing demands from the public that such fertility centres are to be established strategically in various places enabling the poor people to take treatment. When the demand requires the establishment of such centres for the benefit of the people, any welfare govt has to consider the same in an effective manner," the judges observed. After suggesting the govt to consider establishing the centre expeditiously, the judges disposed of the petition.
![[Editorial] Hole in cybersecurity](/_next/image?url=https%3A%2F%2Fall-logos-bucket.s3.amazonaws.com%2Fkoreaherald.com.png&w=48&q=75){kind=small}
Korea Herald
21-05-2025
- Korea Herald
[Editorial] Hole in cybersecurity
SK Telecom breach dates back 3 years; Malware indicates China-based hacking The nation was jolted by interim probe findings that personal information and universal subscriber identity module or USIM data of practically all subscribers of SK Telecom may have been leaked by hackers. The cyberattack dated back about three years and turned out to be much more extensive than revealed in the initial briefing, according to the second briefing Monday by a joint investigation team of the Ministry of Science and ICT and the Korea Internet & Security Agency. SK Telecom discovered the breach about a month ago, on April 18. Leaked USIM data amounted to 9.82 gigabytes. which equates to roughly 26.9 million units of international mobile subscriber identity or IMSI numbers. This means that the USIM data of practically all SK Telecom subscribers has been leaked. Currently, it has 25 million subscribers, including 2 million budget phone users. A total of 23 SK Telecom servers were found to be compromised by malware, up from the five disclosed in the previous briefing held on April 29. The number of malware variants found to have infected the servers increased from four to 25. Among the affected servers, two had been used as temporary storage for personal data, such as names, birthdates, phone numbers and email addresses, as well as data on international mobile equipment identity or IMEI, a serial number assigned to every mobile phone. The possibility of financial fraud and other forms of secondary damage from copy phones has gone up. Investigators found that hackers planted malware on June 15, 2022. It is shocking that not only the telecom carrier but also the government and private cybersecurity firms had remained in the dark about the malware's infiltration for about three years. There is another problem. How much damage the cyberattack will cause down the road is anyone's guess. SK Telecom reportedly keeps log data for the last four or five months. So, no log data is available for the period from June 15, 2022, when malware was first planted, to Dec. 2, 2024. Fortunately, no evidence was found showing any data leakage between Dec. 3, last year and April 24 of this year, but investigators could not confirm whether any leaks occurred during the period for which log data is not available. It is worth noting that 24 of the 25 malware variants detected this time were found to be BPFDoor, a backdoor reportedly used by China-based hackers to attack Middle Eastern and Asian telecom companies in recent years. Experts warn that this malware could be used for a cyberattack on the communication infrastructure of a country. Given that data on all SK Telecom subscribers may have been leaked for as long as three years, the breach is not likely to emerge as a simple hacking case. It is uncertain whether the incident was an organized cyberattack to cripple the communication system of a country rather than an attempt to steal money. Considering the cyber intrusion was not detected for so long, anybody can guess a similar thing may be happening at other communication networks or major institutions. Communication infrastructure is one of the cruxes of state administration. Cyberattacks could paralyze it secretly, plunging a nation into chaos. The SK Telecom breach reconfirms how vulnerable South Korea has become to such vital attacks. SK Telecom bears the primary responsibility for protecting its system from hacks, but the government needs to check the nation's cybersecurity this time. Also, the National Assembly should do its part to help telecom carriers fend off cyber infiltrations from abroad. One of the laws that it needs to revise is its espionage law, which only punishes spying activities done for North Korea. Recently, two Chinese nationals were caught photographing fighter jets near air bases in South Korea but released after telling police that photographing was their hobby. Police say there was no evidence that they did so for North Korea. China or the US would likely respond quite differently. For a nation to keep its sovereignty, security must be tight, cyber or not.
Korea Herald
19-05-2025
- Korea Herald
Nearly 27 million mobile fingerprints leaked in SK Telecom data breach: ministry
Malware attack began in June 2022, officials say A joint team of public and private investigators found that nearly 27 million units of international mobile subscriber identity, or IMSI, have been leaked from SK Telecom's data breach, the Ministry of Science and ICT said Monday. 'The investigators confirmed that the amount of leaked (universal subscriber identity module, or USIM) information was 9.82 (gigabytes), which equals to about 26.69 million units of the IMSI,' said Choi Woo-hyuk, director general of the Cyber Security & Network Policy Bureau at the Science Ministry, in a press briefing to announce the interim findings of the probe at the Government Complex Seoul. IMSI, which can be regarded as a mobile fingerprint, is a 15-digit or shorter number used to identify and authenticate each mobile subscriber on a cellular network. As for SK Telecom's 25 million subscribers being smaller than the number of leaked IMSIs, the officials explained that the number of IMSIs combines all universal subscriber identity modules, or USIMs, loaded onto not only smartphones but also smart watches and other connected devices using the Internet. The authorities announced that they found 25 types of malware and 23 hacked servers so far, up 21 and 18, respectively, from the previous discoveries released by the joint investigation on April 29. Having completed the investigation of 15 servers through detailed assessments, such as forensic and log analysis, the authorities plan to finish the investigation of the remaining eight servers by the end of May. According to the investigators, the first malware was found to have been installed on June 15, 2022. They added that no data was leaked between Dec. 2, 2024, and April 24, 2025. However, they could not confirm whether any data was leaked between June 15, 2022, and Dec. 2, 2024, a period without firewall log history. Regarding the concerns over possible damages from copy phones, whether the information of international mobile equipment identity, or IMEI, a 15-digit serial number assigned to every mobile phone, was leaked or not drew serious worries among the public. Unlike the government's previous announcement in April, the authorities confirmed during Monday's briefing that they found a hacked server containing 291,831 units of IMEI. According to investigators, there were no damage reports regarding the data breach at the country's biggest telecom carrier yet. They added that phone makers say making copy phones just using the IMEI information is technically impossible. 'Given the types of malware and the methods used in this attack, it is clear that a far more sophisticated level of analysis and efforts are needed compared to what we've seen before,' said Ryu Je-myung, deputy minister of the Office of Network Policy. "That is why we are conducting this investigation with the utmost intensity, based on the judgment that unless we uncover every potential risk thoroughly, there could be even greater threats in the future."
Korea Herald
19-05-2025
- Business
- Korea Herald
Probe suggests possible leak of SK Telecom users' private info from cyberattack
Servers at SK Telecom Co. containing personal information and universal subscriber identity module data of all subscribers have been compromised in a cyberattack, raising concerns that critical USIM data used in financial transactions may have been leaked, a joint government-private investigation team said Monday. According to the team's interim findings, the breach dates back to June 15, 2022, when unidentified attackers are believed to have planted malware on the company's servers. A total of 23 SK Telecom servers were compromised, all of which store four types of USIM data, including international mobile subscriber identity information. The IMSI is a unique identifier for each user on a network and could potentially be exploited in financial transactions. Among the affected servers, two had been used as temporary storage for personal data, such as names, birthdays, phone numbers and email addresses. Investigators said they are still working to determine the exact scope of data stored on those two servers. SK Telecom detected the breach April 18. (Yonhap)
Korea Herald
04-05-2025
- Korea Herald
What SK Telecom USIM leak means for you
SK Telecom, South Korea's largest telecommunications provider, confirmed last week that its internal systems were breached in a hacking attack, raising concerns over a possible data leak involving universal subscriber identity module (USIM) cards. As public anxiety continues to grow, the company has rolled out a three-tier protection plan that includes an upgraded fraud detection system, its existing USIM protection service and free USIM card replacements upon request. Since the free replacement program began Monday, approximately 705,000 users — just 2.8 percent of SK Telecom's subscriber base — have replaced their USIM cards, with progress reportedly slowed by limited inventory. Despite these protective measures, customer trust appears to be eroding. On Tuesday alone, 35,902 subscribers switched to rival carriers, following 34,132 the previous day. About 60 percent moved to KT Corp., with most of the rest opting for LG Uplus. To help consumers better understand the situation, The Korea Herald answers key questions surrounding the recent USIM data leak. Q. What is a USIM? A universal subscriber identity module is a smart card that stores subscriber information to authenticate users on mobile networks. It contains data such as the subscriber's phone number and international mobile subscriber identity (IMSI), but does not contain personal information like their name, resident registration number, or address. Q. What USIM information was leaked in the recent security incident? According to the Ministry of Science and ICT's preliminary findings on Tuesday, subscriber phone numbers and IMSI data were leaked. However, international mobile equipment identity (IMEI) numbers, the 15-digit serial numbers that uniquely identify a mobile device, like a smartphone or tablet, were not compromised. The ministry said that users subscribed to SK Telecom's USIM protection service are safeguarded from illegal USIM cloning and unauthorized use, commonly known as SIM swapping. Q. What protective measures is SK Telecom taking for customers? SK Telecom has implemented a three-layered protection system: an enhanced fraud detection system to block suspicious authentication attempts, a USIM protection service and free USIM card replacement upon request. Q. What is the fraud detection system? The FDS monitors real-time network activity and blocks abnormal authentication attempts. For instance, if a subscriber is located in Seoul but a login is attempted from Busan, the system identifies it as suspicious and denies access. SK Telecom has upgraded this system to its highest security level in response to the breach. Q. What is the USIM protection service? This service binds a USIM card to a specific mobile device, preventing it from being used if cloned and inserted into another device. Even if a USIM is illegally copied, it cannot function unless it is paired with the original device. Q. Do customers using the USIM protection service still need to replace their USIM cards? The USIM protection service offers equivalent security to USIM replacement. However, SK Telecom provides free USIM replacement for customers seeking additional protection. Users will need to reinstall any data stored on the USIM, such as digital certificates. Q. What is the newly proposed 'USIM formatting' method? The so-called 'USIM format' is a software-based method currently being developed by SK Telecom. It aims to provide the same security as replacing the physical USIM card but with less inconvenience. Instead of swapping hardware, the USIM's internal software will be reconfigured. While users still need to visit a service center, the process is expected to be quicker and more user-friendly. The service is planned for rollout in May. Q. Can financial assets be stolen using leaked USIM information? No. Even if a USIM is cloned using the leaked data, it cannot connect to SK Telecom's network without passing through security systems like the FDS. Furthermore, financial theft requires additional personal information, such as passwords or identity verification. No related financial crimes have been reported to date. Q. If a USIM is cloned, are contacts, messages or apps also copied? No. The leaked data only includes identification information stored on the USIM. Personal content such as contacts, messages and apps is not related to the incident. Q. Does setting a USIM PIN help in this case? A USIM PIN locks the USIM to prevent unauthorized use if physically stolen, but it is not directly related to the recent data leak. Q. Can someone use services like calls or texts on a cloned phone without the owner knowing? No. Only one line per phone number can access the network at any given time. SK Telecom's FDS and USIM protection service are designed to prevent unauthorized access. Customers are strongly encouraged to enroll in the USIM protection service. Q. Is the Pass app's identity theft protection enough to replace the USIM protection service? No. Personal smartphone authentication app Pass app prevents identity theft by blocking unauthorized phone account registrations using stolen personal data. It does not protect against USIM cloning. Therefore, the USIM protection service is still necessary.
