SK Telecom Sheds Subs in Wake of Disastrous Data Breach
South Korea's SK Telecom (SKT) is scrambling to reassure customers in the wake of a disastrous security breach that occurred on April 19 and has led to the loss of tens of thousands of mobile service customers. The telco's problems started when it discovered that malware had infected its Home Subscriber Server (HSS) and an unknown volume of critical SIM-related information was extracted by hackers, including authentication keys for up to 23 million SK Telecom mobile subscribers.
The breach presented a conundrum: any data illegally gathered could enable SIM card cloning, identity theft, and unauthorized access to bank accounts. However, since there was no way of knowing how much data had been collected and what nefarious use was likely to be made of it, it was impossible to assess the risk facing individual SIM customers.
In an effort to prevent illegal SIM card duplication and unauthorised access to bank accounts, SKT announced it had invoked protection measures. This included strengthening its fraud detection system (FDS) and implementing a SIM card protection service to prevent illegal SIM card duplication. The company also promised a full investigation into the breach, promising to find culprits, prevent recurrence, and assure customers that it was doubling down on security.
However, as it clearly couldn't absolutely guarantee that fraudulent activity wouldn’t result from the breach, SKT also offered replacement SIM cards to all 23 million customers. To prevent an overload at its stores, the company set up a free SIM card replacement reservation system for customers to book a time (from April 28 onwards) at which they could collect a new SIM from one of SKT's 2,600 retail outlets.
Despite this plan, SKT faces major challenges. The company only has 1 million SIM cards in stock and will have to wait for more, according to reports. As a result of such delays and concerns about data security, SKT has already lost more than 70,000 customers to rivals, reported The Korea Herald.
In addition, SKT's share price has plunged by more than 5% in the past week. To address this, SKT unveiled exactly what data had been stolen: SIM card information, such as subscriber phone number and IMSI (multiple mobile subscriber identity number), were leaked, but the international mobile equipment identity number (IMEI) was not.
SKT also noted that the Ministry of Science and ICT stated that customers who subscribe to SKT's SIM card protection service "can prevent illegal activities, such as duplicating the SIM card with the leaked information and inserting it into another phone (so-called SIM swapping)". According to Business Korea, almost 10 million SKT subscribers have signed up for the SIM card protection service so far.
The breach was described by SKT's CEO, Ryu Young-sang, as "the worst hacking case in the history of the telecom industry". In a statement, he apologized to customers who had trusted and used SK Telecom and to society for the great inconvenience and concern caused. The company will implement additional measures to provide free SIM card replacement to all SK Telecom customers if they so desire.
Despite this effort, many customers did want their replacement cards. The initial rush soon led to shortages of replacement cards at SKT's retail outlets and another bout of frustration and anger amongst SKT's customers. To further alleviate the fear, uncertainty, and doubt, the company is actively encouraging the use of its 'SIM protection service'.
SKT claims it registered more than 2 million new subscribers to the protection service between April 22 and 24. According to the CEO, "SK Telecom places the highest priority on customer trust, and we will further strengthen our security system and establish measures to strengthen the protection of customer information."
The company's reputation is now at risk, with rival service providers certain to appeal to SKT's customers and months of customer appeasement ahead. For the past couple of years, SKT has made headlines with its AI strategy but now, at least in the short term, it is on the back foot.