"Switching to Another Carrier Also Helps Prevent Damage"
"Hacking Incident Was Detected at 11:40 p.m. on the 19th"
There are projections that it could take up to more than a year for the forensic results regarding the SK Telecom customer USIM information leak incident to be released.
On April 28, at the National Assembly's Political Affairs Committee plenary session, Goh Haksoo, Chairperson of the Personal Information Protection Commission, was asked by Kang Min-kook, a member of the People Power Party, "When do you plan to officially announce the results of the investigation into this incident?" Goh replied, "If it is quick, it may take 2 to 3 months, but if the system is complex, it could take more than a year."
When Representative Kang pointed out that this was an "indifferent and irresponsible remark," Chairperson Goh responded, "SKT customers alone account for nearly half of the population," and emphasized, "As a key telecommunications operator, this is not a trivial matter."
Goh Haksoo, Chairperson of the Personal Information Protection Commission, is speaking at the 8th plenary meeting of 2025 held on the 9th at the Government Seoul Office in Jongno-gu, Seoul. Photo by Yonhap News
He also stated, "We have established a separate task force and have begun operations," and stressed, "Compared to past incidents at LG Uplus or KT, this is a much more serious situation."
Chairperson Goh explained, "Since the Personal Information Protection Act was amended two years ago, the punishment provisions have been strengthened compared to the past, so there is a potential for significant penalties," and added, "Although the company is offering to replace USIMs for free, it seems that public anxiety has not been fully alleviated. We will internally review measures to address these concerns and encourage the company to do so as well."
In response to the question, "Is it safe if you only change your USIM?" he answered, "If you change your USIM, you can prevent secondary damage from the customer's perspective." He also said that switching to another telecommunications provider "could also be effective in preventing secondary damage."
On this day, Lee Heonseung, a member of the People Power Party, asked about the exact time SKT became aware of the hacking incident. In response, Chairperson Goh stated, "According to the report, the recognition time was 11:40 p.m. on the 19th." It was reported that the notification to the Personal Information Protection Commission was received around 10 a.m. on the 22nd, three days later.
According to the current Personal Information Protection Act, all personal information controllers must report to the Personal Information Protection Commission within 72 hours after becoming aware of a personal information leak. Chairperson Goh explained, "If we go by the time submitted in the report, the time SKT reported to the Commission was not late," and added, "There are suspicions that the leak was discovered on the 18th, so it is necessary to clarify the facts regarding this matter."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
