"Suspected Hacked Equipment Isolated"
Investigating Cause and Scale of Leak
USIM Protection Service Offered Free of Charge
There are indications that some SK Telecom (SKT) customers’ Universal Subscriber Identity Module (USIM) information may have been leaked. Since the USIM is a device that contains the identification information of mobile subscribers, there are concerns about potential damage resulting from this information leak.
On April 22, SKT stated, “At around 11 p.m. on the 19th, we detected signs that some USIM-related information of SK Telecom customers may have been leaked due to malware,” adding, “We are currently continuing to identify the exact cause, scope, and details of the leak.”
SKT reported that, in accordance with relevant laws, it immediately notified the Korea Internet & Security Agency (KISA) of the security incident on April 20. At 10 a.m. on April 22, the company also reported the suspected personal information leak to the Personal Information Protection Commission and said it is actively cooperating with the related investigation.
The USIM is a module that stores the identification information of mobile subscribers. After inserting a USIM card containing subscriber information into a mobile phone, the device connects to the mobile network for subscriber authentication. Depending on the scope of the leaked information, it could even lead to USIM cloning, which may result in not only personal information leaks but also financial information being compromised through mobile authentication.
According to SKT, this leak is believed to have been caused by hacking via malware. Malware was discovered on equipment operating within the internal system, and it appears that some information was leaked. SKT explained, “After recognizing the possibility of a leak, we immediately deleted the malware and isolated the equipment suspected of being hacked.”
SKT is currently investigating the exact scale of the leak. However, the company stated that, so far, there have been no confirmed cases of the leaked information being actually misused. The company is taking measures such as: ▲ conducting a comprehensive inspection of all systems ▲ strengthening the blocking of illegal USIM device changes and abnormal authentication attempts ▲ immediately suspending service and providing guidance if signs of suspected damage are detected.
Regarding this incident, SKT is also providing detailed information to customers through its website. In addition, for customers who want additional security measures, SKT is offering the USIM Protection Service free of charge through its website and T World platform.
An SKT representative stated, “We will further strengthen our security system to prevent such incidents from recurring and will do our utmost to develop measures to protect customer information,” adding, “We sincerely apologize once again for causing concern to our customers.”
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
