SK Telecom, South Korea’s leading mobile network operator, has confirmed a significant cybersecurity breach that compromised the USIM data of approximately 27 million customers. The incident, which was initially detected on April 19, 2025, is reported to have originated as far back as June 15, 2022. The company, which commands nearly half of the national market, is taking steps to mitigate the fallout and secure its network.
The malware was discovered during a routine security check, leading the company to isolate the affected equipment to prevent further access. Reports indicate that attackers were able to steal crucial information, including IMSI numbers, USIM authentication keys, and SMS and contact details stored on the SIM cards. The breach has heightened the risk of SIM-swapping attacks, prompting SK Telecom to implement SIM replacements for all subscribers as a precautionary measure.
A government committee investigating the breach labeled it a severe violation, asserting that 25 distinct types of data were compromised, including personal customer information from 15 of the 23 infected servers. However, SK Telecom has disputed claims regarding the volume of stolen data in a recent statement. As the scale of the attack comes into focus, the telecom giant has halted the acceptance of new subscriptions while actively informing 26.95 million affected customers.
As investigations continue, SK Telecom has intensified security measures, including automatic protection against unauthorized number porting. The company maintains that any malicious activity against its customers is being effectively blocked. In a reassuring statement, SK Telecom affirmed, “We are technically ensuring that illegal USIM and device changes are completely blocked. However, if any damage does occur despite these efforts, we will take 100% responsibility.” This assurance comes as the company pledges to enhance transparency and support for its clientele amidst ongoing scrutiny.