Ministry of Science and ICT Begins Cause Analysis and Damage Prevention
Joint Public-Private Investigation Team May Be Formed if Necessary
Corrective Orders Possible if Security Issues Are Found
There are indications that the universal subscriber identity module (USIM) information of some SK Telecom customers may have been leaked. The Ministry of Science and ICT and the Korea Internet & Security Agency (KISA) have launched an investigation into the extent of the damage and the cause of the incident, and have also formed an emergency response team.
On April 22, the Ministry of Science and ICT stated, "We have requested SKT to preserve and submit data related to the security breach. In addition, KISA experts have been dispatched to the site to provide technical support for analyzing the cause of the incident and preventing further damage."
In consideration of the seriousness of the incident, the Ministry has formed an emergency response team headed by the Director-General for Information Security Network Policy.
A Ministry official said, "If necessary, we will establish a joint investigation team consisting of public and private sector members, and pursue an in-depth analysis of the cause and measures to prevent recurrence." Any technical or managerial security issues at SKT identified during the investigation will be addressed through corrective orders.
A representative from the Personal Information Protection Commission also stated, "After confirming the facts, if an investigation is deemed necessary, the case will be assigned to the relevant investigative department."
Earlier, SKT announced, "At around 11:00 p.m. on April 19, we detected signs that some USIM-related information of SK Telecom customers may have been leaked due to malware." The company added on April 22, "We are continuously working to determine the exact cause, scale, and details of the leak."
SKT stated that, in accordance with relevant laws, it immediately reported the security breach to KISA on April 20. At 10:00 a.m. on April 22, the company also reported the suspected personal information leak to the Personal Information Protection Commission and is cooperating with the related investigation.
The USIM is a module that contains the identification information of mobile subscribers. Once a USIM card containing subscriber information is inserted into a mobile phone, the device connects to the mobile network for subscriber authentication. Depending on the extent of the leaked information, this could lead to USIM cloning, which may result not only in the leakage of personal information but also in the exposure of financial information through mobile phone authentication.
According to SKT, the leak is believed to have resulted from hacking via malware. Malware was discovered on equipment operating within the internal system, and it appears that some information was leaked. SKT explained, "Upon recognizing the possibility of a leak, we immediately deleted the malware and isolated the equipment suspected of being hacked."
SKT is currently investigating the exact scale of the leak. However, the company maintains that, so far, there have been no confirmed cases of the leaked information actually being misused. The company is currently taking measures such as conducting a comprehensive inspection of all systems, strengthening the prevention of illegal USIM device changes and abnormal authentication attempts, and enhancing immediate suspension of use and notification procedures upon detection of suspicious signs of damage.
Regarding this leak incident, SKT has also provided detailed information to customers through its website. In addition, for customers seeking extra security measures, SKT is offering the USIM protection service free of charge via its website and the T World platform.
An SKT representative stated, "We will further strengthen our security system to prevent such incidents from recurring and will do our utmost to establish measures to protect customer information," adding, "We sincerely apologize once again for the concern caused to our customers." Choi Woo Hyuk, Director-General for Information Security Network Policy at the Ministry of Science and ICT, stated, "We will thoroughly supervise major companies and institutions to strengthen information security for information and communications facilities and services that are closely linked to the public's daily lives."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.



