Millions of SK Telecom customers are potentially at risk following USIM data compromise
South Korea's largest wireless telecom company, SK Telecom, has warned that millions of its customers may be at risk due to a recent malware attack that compromised Universal Subscriber Identity Module (USIM) information.
SK Telecom, which holds about 48% of the market share for mobile services in South Korea, provides cellular service, 5G development, AI services, IoT solutions, cloud computing, and smart city infrastructure. The company is part of the larger SK Group, one of South Korea's biggest conglomerates with interests in energy, semiconductors, chemicals, and more.
The Universal Subscriber Identity Module (USIM) is a smart card used in mobile devices that securely stores subscriber information, including the International Mobile Subscriber Identity (IMSI) and cryptographic keys. The telecom giant detected an infection of its systems at 11 PM on Saturday, April 19, 2025, and promptly reported it to the Korea Internet & Security Agency (KISA) on Sunday, April 20.
Upon discovering the infection, SK Telecom sanitized the impacted systems, isolated the suspected hacking device, and enhanced defensive measures to block illegal SIM card changes and abnormal authentication attempts. The company is also offering impacted customers a subscription to its 'SIM protection service' for free.
The Data Breach Notification
"On April 19, 2025, at approximately 11:00 PM, SK Telecom discovered circumstances in which some SIM-related information of SK Telecom customers was suspected to have been leaked due to malware," reads the data breach notification published by the company.
"SK Telecom immediately deleted the malware after recognizing the possibility of a leak and isolated the suspected hacking device. As of now, there have been no confirmed cases of actual exploitation of the information, but we are implementing the following measures to prevent damage to our customers."
The Investigation Ongoing
SK Telecom is still investigating the security breach to determine the exact cause, the scale of the incident, and the leaked data. The company reported the data leak to the Personal Information Protection Commission at 10:00 a.m. on Tuesday, April 22.
A Call for Customers to Take Action
Customers who want additional security measures could sign up for SK Telecom's 'SIM protection service.' With this service, customers can enjoy enhanced security features and peace of mind knowing that their sensitive information is protected.
Stay Safe Online
If you're a customer of SK Telecom or any other telecom provider, it's essential to stay vigilant when it comes to online security. Regularly update your devices, use strong passwords, and enable two-factor authentication to protect yourself from potential data breaches.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon for the latest updates and cybersecurity tips.