[Reporter’s Notebook] KT Failed to Prevent Not Just Hacking, But Customer Anxiety

Industry Repeats Early Denial and Downplaying
Delayed Responses Heighten Consumer Anxiety

KT recently issued an official apology for hacking incidents involving illegal micro base stations (femtocells) used for unauthorized small payment transactions. While the company has promised to prevent recurrence, it is hard to ignore that its passive response exacerbated the problem. In the early stages of the incident, KT dismissed it as a simple customer error and denied the possibility of hacking. Only later did it reverse its position, resulting in delayed initial measures and notifications to affected customers.

Earlier this month, the police notified KT of unauthorized small payment incidents, but the company’s initial reaction was denial. Meanwhile, reports of damage continued to snowball. It took four days before KT identified abnormal payment patterns. On September 11, ten days later, the company finally admitted that there was a possibility that 5,561 International Mobile Subscriber Identity (IMSI) numbers had been leaked. As many as 19,000 people had connected to the illegal base stations. Many of them were not even aware that they might have been affected.

The notification to customers was also inadequate. Instead of sending text alerts, KT relied on website announcements, leaving many victims to discover the incident only after checking their own payment records. If the company had acted quickly to block the threat and warned affected customers directly at the outset, the scale of the damage could have been reduced. KT claimed that the leaked information was limited to IMSI numbers, but since small payment transactions require entering a name, phone number, date of birth, and passing an automated response system (ARS) verification, the possibility of further personal information leakage cannot be ruled out.

The real problem is that even if personal information is leaked, customers have no way of knowing. The telecommunications infrastructure is a "black box" to ordinary people. Individuals have no means of determining what information was stolen, how much was exposed, or whether further damage may occur. Ultimately, consumers are left with no choice but to accept the explanations and retractions provided by the telecom company. This information imbalance only heightens customer anxiety.

It will take time for the government’s investigation and the results of the criminal probe to be released. Even if identifying the cause of the incident takes longer, at the very least, customers should have been promptly informed about the risks and the actions being taken.

The telecommunications industry has already repeated this pattern multiple times. When a security incident occurs, companies initially deny or downplay it, only to admit the facts and announce countermeasures after the damage has escalated. What this incident reveals is not only a technical vulnerability. The repeated delays and reversals in response are the main factors fueling consumer anxiety. While telecom companies deny hacking incidents and respond complacently out of fear of fines and criticism, customer damage only grows. Preventing hacking is not the only responsibility of telecom companies. Prompt action and effective crisis management to minimize customer anxiety and distrust should be the top priority.