Latest news with #USIMs
The Star
04-07-2025
- Business
- The Star
South Korea penalises 'negligent' SK Telecom over major data leak
FILE PHOTO: The logo of SK Telecom is pictured at the GSMA's 2023 Mobile World Congress (MWC) in Barcelona, Spain February 28, 2023. REUTERS/Nacho Doce/File photo SEOUL (Reuters) -South Korean authorities ordered on Friday SK Telecom to strengthen data security and imposed a fine after the country's biggest mobile carrier was hit by a cyberattack that caused the leak of 26.96 million pieces of user data. The measures come after SK Telecom in April disclosed that it had suffered a major leak of customer data caused by a malware attack. Shares in SK Telecom closed down 5.6% on Friday. "SK Telecom failed to fulfil its duty of care to protect USIM data and did not comply with relevant regulations," the Ministry of Science and ICT said in a statement. "Therefore, the company is deemed negligent in this incident," the ministry said as it announced the results of the government's probe into the data leak. USIM refers to universal subscriber identity module cards used in smart phones. The ministry said it would impose a fine of up to 30 million won ($21,970), and SK Telecom must enforce security measures at least once a quarter, have its chief executive officer directly oversee data governance, and increase personnel and investment in data security. Following the government's announcement, SK Telecom unveiled a variety of measures to compensate its affected customers and beef up information protection. The company will invest about 700 billion won ($513.38 million) over five years for data protection and give a discount of 50% for August subscription fees for all of its 24 million customers, it said in a statement. "All SK Telecom executives and employees take the results of the public-private joint investigation very seriously and once again sincerely apologise to customers and society for the cyber breach incident," SK Telecom CEO Ryu Young-sang said. SK Telecom also slashed its forecast for 2025 revenue by 800 billion won to reflect the cost of about 500 billion won for the customer benefit package in relation to the cyber breach incident, the company said in a regulatory filing. Science Minister Yoo Sang-im called the case "a wake-up call for information protection" for the overall network infrastructure. SK Group Chairman Chey Tae-won apologised last month for the data leak and SK Telecom said it would take full responsibility for any harm caused as a result of the breach, which has caused alarm among its 23 million users over the possible theft of personal and financial information. The mobile carrier said it would start offering USIM replacements to all 23 million users for free at more than 2,600 retail stores nationwide following the cybersecurity breach. About 9.39 million users have replaced their USIMs as of late June, according to SK Telecom. ($1 = 1,363.5200 won) (Reporting by Heekyong Yang, Joyce Lee and Ju-min Park Editing by Ed Davies)
Time of India
04-07-2025
- Business
- Time of India
South Korea penalises 'negligent' SK Telecom over major data leak
Academy Empower your mind, elevate your skills South Korean authorities ordered on Friday SK Telecom to strengthen data security and imposed a fine after the country's biggest mobile carrier was hit by a cyberattack that caused the leak of 26.96 million pieces of user measures come after SK Telecom in April disclosed that it had suffered a major leak of customer data caused by a malware attack. Shares in SK Telecom closed down 5.6% on Friday."SK Telecom failed to fulfil its duty of care to protect USIM data and did not comply with relevant regulations," the Ministry of Science and ICT said in a statement."Therefore, the company is deemed negligent in this incident," the ministry said as it announced the results of the government's probe into the data refers to universal subscriber identity module cards used in smart ministry said it would impose a fine of up to 30 million won ($21,970), and SK Telecom must enforce security measures at least once a quarter, have its chief executive officer directly oversee data governance, and increase personnel and investment in data security. Following the government's announcement, SK Telecom unveiled a variety of measures to compensate its affected customers and beef up information company will invest about 700 billion won ($513.38 million) over five years for data protection and give a discount of 50% for August subscription fees for all of its 24 million customers, it said in a statement."All SK Telecom executives and employees take the results of the public-private joint investigation very seriously and once again sincerely apologise to customers and society for the cyber breach incident," SK Telecom CEO Ryu Young-sang Telecom also slashed its forecast for 2025 revenue by 800 billion won to reflect the cost of about 500 billion won for the customer benefit package in relation to the cyber breach incident, the company said in a regulatory Minister Yoo Sang-im called the case "a wake-up call for information protection" for the overall network Group Chairman Chey Tae-won apologised last month for the data leak and SK Telecom said it would take full responsibility for any harm caused as a result of the breach, which has caused alarm among its 23 million users over the possible theft of personal and financial mobile carrier said it would start offering USIM replacements to all 23 million users for free at more than 2,600 retail stores nationwide following the cybersecurity 9.39 million users have replaced their USIMs as of late June, according to SK Telecom.
Time of India
04-07-2025
- Business
- Time of India
South Korea orders SK Telecom to strengthen data security after leak
SEOUL : South Korean authorities ordered on Friday SK Telecom to strengthen data security and imposed a fine after the country's biggest mobile carrier was hit by a cyberattack that caused the leak of 26.96 million pieces of user data. The measures come after SK Telecom in April disclosed that it had suffered a major leak of customer data caused by a malware attack. The Ministry of Science and ICT said on Friday that it will impose a fine of up to 30 million won ($21,970), and SK Telecom must enforce security measures at least once a quarter, have its chief executive officer directly oversee data governance , and increase personnel and investment in data security. "This... was a wake-up call for information protection not only in the domestic telecommunications industry but also in the overall network infrastructure," Science Minister Yoo Sang-im said in a statement issued after an investigation by the ministry. SK Group Chairman Chey Tae-won apologised last month for the data leak and SK Telecom said it would take full responsibility for any harm caused as a result of the breach, which has caused alarm among its 23 million users over the possible theft of personal and financial information. The mobile carrier said it would start offering free universal subscriber identity module (USIM) replacements to all 23 million users for free at more than 2,600 retail stores nationwide following the cybersecurity breach. About 9.39 million users have replaced their USIMs as of late June, according to SK Telecom.
Korea Herald
19-05-2025
- Korea Herald
Nearly 27 million mobile fingerprints leaked in SK Telecom data breach: ministry
Malware attack began in June 2022, officials say A joint team of public and private investigators found that nearly 27 million units of international mobile subscriber identity, or IMSI, have been leaked from SK Telecom's data breach, the Ministry of Science and ICT said Monday. 'The investigators confirmed that the amount of leaked (universal subscriber identity module, or USIM) information was 9.82 (gigabytes), which equals to about 26.69 million units of the IMSI,' said Choi Woo-hyuk, director general of the Cyber Security & Network Policy Bureau at the Science Ministry, in a press briefing to announce the interim findings of the probe at the Government Complex Seoul. IMSI, which can be regarded as a mobile fingerprint, is a 15-digit or shorter number used to identify and authenticate each mobile subscriber on a cellular network. As for SK Telecom's 25 million subscribers being smaller than the number of leaked IMSIs, the officials explained that the number of IMSIs combines all universal subscriber identity modules, or USIMs, loaded onto not only smartphones but also smart watches and other connected devices using the Internet. The authorities announced that they found 25 types of malware and 23 hacked servers so far, up 21 and 18, respectively, from the previous discoveries released by the joint investigation on April 29. Having completed the investigation of 15 servers through detailed assessments, such as forensic and log analysis, the authorities plan to finish the investigation of the remaining eight servers by the end of May. According to the investigators, the first malware was found to have been installed on June 15, 2022. They added that no data was leaked between Dec. 2, 2024, and April 24, 2025. However, they could not confirm whether any data was leaked between June 15, 2022, and Dec. 2, 2024, a period without firewall log history. Regarding the concerns over possible damages from copy phones, whether the information of international mobile equipment identity, or IMEI, a 15-digit serial number assigned to every mobile phone, was leaked or not drew serious worries among the public. Unlike the government's previous announcement in April, the authorities confirmed during Monday's briefing that they found a hacked server containing 291,831 units of IMEI. According to investigators, there were no damage reports regarding the data breach at the country's biggest telecom carrier yet. They added that phone makers say making copy phones just using the IMEI information is technically impossible. 'Given the types of malware and the methods used in this attack, it is clear that a far more sophisticated level of analysis and efforts are needed compared to what we've seen before,' said Ryu Je-myung, deputy minister of the Office of Network Policy. "That is why we are conducting this investigation with the utmost intensity, based on the judgment that unless we uncover every potential risk thoroughly, there could be even greater threats in the future."
Korea Herald
16-05-2025
- Korea Herald
Over 9,200 SKT users file lawsuits over USIM data leak
In the wake of a major data breach involving SK Telecom's universal subscriber identity module, a group of 9,213 users has filed lawsuits, each seeking damages of 500,000 won ($360), citing gross negligence and violation of personal data protection obligations. The legal team representing the plaintiffs held a press conference Friday, stating that the case goes beyond a typical privacy breach and represents a "foreseeable disaster" caused by SK Telecom's failure to uphold its legal responsibilities as a telecom service provider. 'This incident is not merely about leaked personal information,' the lead attorney said. 'It is a result of SK Telecom's clear violation of its duty to implement proper safeguards and report security incidents promptly. The harm was both preventable and foreseeable.' According to the legal team, victims are suffering from heightened anxiety and inconvenience due to the possibility of their identities being misused for criminal activities through cloned USIMs. Some users have had to replace their USIM cards and have experienced disruptions in financial services. 'The breach has caused serious disruptions to daily life and constitutes a grave infringement of the constitutional right to informational self-determination,' the attorney said. The law firm is demanding that SK Telecom publicly acknowledge its failure to protect customer data, issue a sincere apology to all affected users, disclose the full extent of the data compromised and clarify whether the USIMs' secret encryption key was also leaked. Additionally, it is calling for 500,000 won in compensation per person and concrete measures to prevent secondary damages. The firm also urged government regulators to implement stronger oversight of telecom companies' key servers and to take substantive steps toward systemic improvements.
